I'm designing a HIPAA compliant Rails site and need a plug-in to do the following
# Auto-Expiry: Each user is assigned a unique password; system has password expiration enabled with expiration time configurable by system administrator.
# salted password
# Secure Connection: Usage of HTTPS and SSL
# e-mail registration
I've seen the list of authentication plugins (http:// wiki.rubyonrails.org/rails/pages/Authentication) but wanted to get some feedback from someone who has implemented as many of the above features as possible. Any advice on picking and implementing one of these plug-ins?
Thanks! Chirag