tags:

views:

503

answers:

1
Q: 

Rails - authenticate_or_request_with_http_basic custom "access denied" message

I'm struggling myself trying to change that default message once you insert invalid credentials as username:password on rails using authenticate_or_request_with_http_basic.

For example if I make a curl request on a method that need this authentication, once I insert the wrong username and password it returns HTTP Basic: Access denied.

So, in this case I would like to be able to customize this message with a specific XML formatted string, (just like twitter API does). Is that possible?

Thanks in advance

+1  A: 

If you want to customize the message in the login prompt, just pass the message to the method call.

authenticate_or_request_with_http_basic "My custom message" do |user_name, password|
  user_name == USER_NAME && password == PASSWORD
end

If you want to customize the final error message, according to Rails 2.3.4 source code you can do this only for the HTTP Digest authentication.

def authentication_request(controller, realm, message = nil)
  message ||= "HTTP Digest: Access denied.\n"
  authentication_header(controller, realm)
  controller.__send__ :render, :text => message, :status => :unauthorized
end

The Basic Authentication has the error message hard-coded into the method.

def authentication_request(controller, realm)
  controller.headers["WWW-Authenticate"] = %(Basic realm="#{realm.gsub(/"/, "")}")
  controller.__send__ :render, :text => "HTTP Basic: Access denied.\n", :status => :unauthorized
end
Simone Carletti  2009-11-17 08:16:28
Thanks weppos, I've checked that before too, but the thing is in this case I'm using BCrypt as encryption for my passwords, so I'm not sure if I can use Http Digest Auth with it, another thing is, Is there any way to override this functions from http basic? I tried without success, because It's kind weird since it looks like that Twitter API uses the Http Basic as well and they were able to configure the final error message.
ludicco  2009-11-17 09:34:22
Yes, with monkey patching you can override almost everything... but this is not always a good idea.
Simone Carletti  2009-11-17 10:55:51

related questions

Best place to get Ruby on Vista up and running as dev environment
How can I encode xml files to xfdl (base64-gzip)?
What is the best way to learn Ruby?
Learning Ruby on Rails any good for Grails?
How to sell Python to a client/boss/person with lots of cash
How do I create a Class using the Singleton Design Pattern in Ruby?
How do I update Ruby Gems from behind a Proxy (ISA-NTLM)
Why Should I Learn Ruby?
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
How do I rake tasks within a ruby script?
Ruby On Rails with Windows Vista - Best Setup?
Mapping values from two array in Ruby
Reverse DNS in Ruby?
Text Editor For Linux (Besides Vi)?
What is good forum software to add to an existing Rails application?
Calling Bash Commands From Ruby
How can I modify .xfdl files? (Update #1)
How do I use (n)curses in Ruby?
Open Source Ruby Projects
How do I fix 'Unprocessed view path found' error with ExceptionNotifier plugin in rails 2.1?
When to use lambda, when to use Proc.new?
Frequent SystemExit in Ruby when making HTTP calls
Implementation of "Remember me" in a Rails application.
.NET Migrations Engine
How do I add existing comments to RDoc in Ruby?