I have a requirement where I need to authenticate a user connection BEFORE it is handed off to Rails. Normally this is handled via an .htacess file or use mod_auth_ldap or something similar. Here's the rub... I want Rails to be the sole writer of login & password information. This means I need to get Apache to read the Rails database and compare the HTTP credentials to the contents therein.
Anyone do this before? What mod_* did you use for Apache? Is there another methodology or mechanism I should be investigating? Am I stuck with moving all user data into LDAP and requiring both Apache and Rails to use it?
I looked at adding a simple DB lookup to a Mongrel handler, but for my purposes the handler would run too late (i.e. after the entire HTTP body is read). I need this authentication to run as soon as the header is complete. Plus, the Mongrel docs are pretty clear in saying that authentication should be handled outside Mongrel by a static HTTP server, Mongrel isn't all things to all people, it's just a pure HTTP server, etc.
Thanks for your input.