I have a rails 2.3.8 application that has an admin folder that if anyone enters
/admin/anything
they need to be prompted for a login...I was looking for a good approach to do this
here the resources I was looking at authorization and authentication
The way I was thinking was to install authlogic or cancan or both or neither....not sure if anyone has a better solution. BTW I dont want authentication anywhere on the开发者_运维技巧 site
The best way to do this is to have all controllers under the admin/
namespace inherit from an AdminController with a before_filter that handles authorization
The simplest way to do this is to use http_basic authentication (railscast)
If you want multiple user/passwords, but without the complexity of devise/authlogic, try nifty_authentication (via ryan bates' nifty generators)
As ruby-toolbox indicates, CanCan and Devise are the most popular authorization / authentication solutions for rails. Check out the always excellent railscasts.com episodes to get started:
http://railscasts.com/episodes/192-authorization-with-cancan
http://railscasts.com/episodes/209-introducing-devise
Railscasts is a fantastic resource for quickly getting up to speed on rails topics.
精彩评论