views:

423

answers:

1

How can I do the same authentication stuff in this page using a subclass like this:

        class Configuration < HTTPServlet::AbstractServlet
        def do_GET (request, response)
         SOMETHING....
        end
        end

    server = HTTPServer.new(:Port => 666)
    server.mount "/conf", Configuration
    trap "INT" do server.shutdown end
    server.start
A: 

Seems to work OK for me if you do it in pretty much the same style e.g.

class Configuration < HTTPServlet::AbstractServlet
    def do_GET(req, res)
        HTTPAuth.basic_auth(req, res, "My Realm") {|user, pass|
          # block should return true if
          # authentication token is valid
          user == 'user' && pass == 'topsecret'
        }
        res.body = 
          "Authenticated OK\n"
    end
end

What is the problem you're having?

mikej
When I wrote my code like above, it didnt work for some reason :( . So I've read that you can put the HTTPAuth.basic_auth(.... block in the 'Configuration' class in the 'service' method. That way it works but; for the lifetime of the ruby code, it asks for authentication only once per each IP. I mean, when i first request the page, it asks for authentication, but when i refresh or close and reopen my browser it doesnt ask for authentication again. Looks like webrick isn't disposing the instances it creates (since it doesnt call the init or service method more than once for same IP)
kramer
I wouldn't expect the browser to ask for authentication again after a refresh because it will have remembered the credentials for the realm and will resend them automatically. When you closed and reopened the browser did you close all browser windows so that the browser was fully exited?
mikej
I have uploaded my full test script to http://pastie.org/pastes/575142 if you want to give that a try.
mikej
Yup, I did close all my browser windows. About the instances not being disposed: I have observed the memory usage of the ruby WEBrick code I wrote, and every new IP visiting the site adds more to the memory usage of code, and it didnt go down as far as I observed. Looks like something is missing here and i think authentication is related to it too... (if it did dispose the instance and re-created one each time browser refreshes then it would ask for authentication again, which solves my problem...)
kramer