Ruby on Rails
Authentication (Version #182)

This article is part of the confusing world of Authentication in Rails. Feel free to help.

There are over nine thousand ways to do authentication, but Acts_as_authenticated stands out as one of the more sane solutions.

The gazillion different authentication systems

  • Crypted Authentication Plugin – A simple but effective encrypted password plugin for Rails. It deals with the encryption of a clear-text password using a randomly generated salt, and authentication. It does not try to do too much – it makes no major assumptions about your domain and only requires a small change to your schema to implement. It is extracted from code used on several projects and contains a full BDD-style test suite.
  • OpenID – A decentralized URL-based identity system. An OpenID is simply a URL, and all the OpenID specification does is describe a way to securely prove that the user owns that URL. Particularly useful where SSO is needed.
  • LoginSugar – An improved version of SaltedHashLoginGenerator.
  • Auth_generator – A generator by penso. There is a video and information on how to install it. It supports different ways to crypt passwords (MD5, SHA, SHA+login as a salt) and all the usual features (send email for forgotten password, create account, resend confirmation, etc.).
  • Goldberg – A more comprehensive security solution that also includes role-based access control, site navigation, a simple CMS and a management interface.

Even more? Yes!

Now that you’ve seen what libraries/plugins/engines/whatever exist to confuse you when choosing your authentication system, why not get confused even more?
