Authentication

Well the basic behind it is to add a before_filter to the controllers
you want authentication for.
You can also include only or exclude specific actions

class ApplicationController ...

before_filter :authenticated, :except [:list,:show]
OR
before_filter :authenticated :only [:create,:edit,:delete]

...
your normal actions
...

private
def authenticated
...check user permissions...
...return true or false ...
end

end

wow ... i should read the preview more careful next time...

1) forgot a colon in the 2nd before_filter
2) it's "Login Engine"
3) it's "active_rbac"