José Valim
6690d66292
Rename config.cookie_secret to config.secret_token and pass it as configuration in request.env. This is another step forward removing global configuration.
2010-04-05 12:00:24 +02:00
Carlhuda
e311622e7b
Deprecated ActionController::Base.session_options= and ActionController::Base.session_store= in favor of a config.session_store method (which takes params) and a config.cookie_secret variable, which is used in various secret scenarios. The old AC::Base options will continue to work with deprecation warnings.
2010-03-04 16:05:52 -08:00
Carlhuda
5e0a05b8cb
Tweak the semantic of various URL related methods of ActionDispatch::Request
2010-03-03 21:23:34 -08:00
Carlhuda
bf9913f8f4
Move session_store and session_options to the AC configuration object
2010-03-03 15:49:52 -08:00
José Valim
32bde66aa6
Make http digest work with different server/browser combinations
...
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
2009-08-09 15:53:52 +01:00
nate
f68cc639f5
A test to show that http_authentication needs to fail authentication if the password procedure returns nil. Also includes a fix to validate_digest_response to fail validation if the password procedure returns nil.
...
Signed-off-by: Michael Koziarski <michael@koziarski.com>
2009-06-09 19:47:53 +12:00
Pratik Naik
1a52b246eb
Add HTTP Authentication to the new base
2009-05-22 00:29:47 +02:00
Pratik Naik
195fadbfd3
Ensure HTTP Digest auth uses appropriate HTTP method [ #2490 state:resolved] [Steve Madsen]
2009-05-18 16:59:37 +02:00
Joshua Peek
0494909679
Inherit TestSession from Session::AbstractStore and add indifferent access to Session::AbstractStore.
2009-04-26 14:33:57 -05:00
Donald Parish
be7b64b35a
Support MD5 passwords for Digest auth and use session_options[:secret] in nonce [ #2209 state:resolved]
...
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
2009-03-12 13:24:54 +00:00
Donald Parish
86d8f92282
Fixed http digest authentication to use credentials URI passed from client. [ #1848 state:resolved]
...
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
2009-02-16 20:20:23 +01:00
Gregg Kellogg
306cc2b920
Implement HTTP Digest authentication. [ #1230 state:resolved] [Gregg Kellogg, Pratik Naik]
...
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
2009-01-29 16:01:59 +00:00
Pratik Naik
c99ef814b0
Revert "HTTP Digest authentication [ #1230 state:resolved]"
...
This reverts commit 45dee3842d68359a189fe7c0729359bd5a905ea4.
Reasons :
1. The code is not working in it's current state
2. Should not be using exceptions for flow control
2009-01-13 16:13:42 +00:00
Joshua Peek
45dee3842d
HTTP Digest authentication [ #1230 state:resolved]
2008-12-28 15:13:16 -06:00