Combining rails intrAnet and public site.

Gaspard,

thank you for a reply.

I checked out zena before, and while it is a good CMS in it's own right
I don't think I can use it as it would require me to rewrite a huge a
existing application, or write api hooks.

I was mostly looking for a "RAILS WAY" strategy to implement this. It
looks like you are suggesting option #3. Which is what I got from a few
other sources.

Thank you for reply thou.

nick ger wrote:

Gaspard,

thank you for a reply.

I checked out zena before, and while it is a good CMS in it's own right
I don't think I can use it as it would require me to rewrite a huge a
existing application, or write api hooks.

I was mostly looking for a "RAILS WAY" strategy to implement this. It
looks like you are suggesting option #3. Which is what I got from a few
other sources.

Thank you for reply thou.

No problem. And don't worry too much about "exposing" your app. Putting
a "before_filter" in ApplicationController and a careful handling of the
login system works good (I am migrating to authlogic). Just take care of
two things:

1. no cache :wink:
2. keep your clients happy !

Gaspard

Marnen Laibow-Koser wrote:

nick ger wrote:

Gaspard,
while we are on the subject i was recently considering different
systems, and while right now I'm using restful_authentication I looked
at authlogic as well.

Any particular reason you prefer it over other rails authorization
systems?

I'm not Gaspard, but my reasons for preferring Authlogic are many:

* It's easier to work with.
* It doesn't clutter your model files with framework code (I'm ripping
restful_auth out of Quorum [ http://quorum.sf.net ] at the moment, and
the amount of framework-generated crap that I removed from user.rb is
staggering).
* You get more handy features for free.
* Testing generally seems easier.

The only downside is that Authlogic does slightly more magic.

Best,
--
Marnen Laibow-Koser
http://www.marnen.org
marnen@marnen.org

For all the reasons above and easy transitions from password hashing
schemes:

My current hashing method on passwords is not the best possible solution
so I can write an 'InitialCryptoProvider' to hash and match my old
passwords and write a single line in my User class to smoothly
transition from one hashing scheme to another without stressing my
users.

acts_as_authentic :transition_from_crypto_provider =>
Zena::BetaCryptoProvider, :crypto_provider =>
Authlogic::CryptoProviders::BCrypt

And authlogic makes it easy to support new authentications (ldap,
openid, etc).

G.