I'm using basic http authentication in my rails app with the following
class ApplicationController < ActionController::Base
helper :all # include all helpers, all the time
authenticate_or_request_with_http_basic do |username,
if username.nil? || password.nil?
render :inline => %(xml.instruct! :xml, :version =>
"1.0", :encoding => "UTF-8"
xml.error('Could not authenticate
end), :type => :builder, :status =>
The problem is, if you do a curl http://127.0.0.1:3000/foo/1.xml
without providing the -u username:password flag, you get a dead beat
response like this:
HTTP/1.1 401 Unauthorized
WWW-Authenticate: Basic realm="Foo"
Content-Type: text/html; charset=utf-8
Server: WEBrick/1.3.1 (Ruby/1.9.1/2010-01-10)
HTTP Basic: Access denied.
Is it possible at all to render the inline XML I have above in the
event a username and password is not provided by the user to give a
more meaningful error message to the user? I want the error message
for lack of credentials to be the same with incorrect credentials.
Obviously an HTTP 401 is attached for both cases as well.