How to use SslRequirement plugin?

Hi all,

I need to use the SslRequirement plugin for a login page.
The plugin is installed, the code is normally correct (comes straight
from AWWRoR)

class LoginController < ApplicationController
  include SslRequirement

  ssl_required :login

(yes, the login method is defined)

When trying to access the login page I get this in the log:

Processing LoginController#login (for 127.0.0.1 at 2007-03-06
16:44:56) [GET]
  Session ID: ee439de1c66b2ec06185ac4e760c0be6
  Parameters: {"action"=>"login", "controller"=>"login"}
Redirected to https://localhost/nephrology
Filter chain halted as
[#<ActionController::Filters::ClassMethods::SymbolFilter:0x32678a4
@filter=:ensure_proper_protocol>] returned false.
Completed in 0.00010 (10000 reqs/sec) | DB: 0.00000 (0%) | 302 Found
[http://localhost/nephrology]

Anyway can help me out?

That part is an expected response… it saw that you didn’t request with the right protocol, and redirected you to the proper page (thus the 302 status code… that means redirect). Is your browser not going there? What is the specific problem?

Hi all,

I need to use the SslRequirement plugin for a login page.
The plugin is installed, the code is normally correct (comes straight
from AWWRoR)

class LoginController < ApplicationController
  include SslRequirement

  ssl_required :login

(yes, the login method is defined)

When trying to access the login page I get this in the log:

Processing LoginController#login (for 127.0.0.1 at 2007-03-06
16:44:56) [GET]
  Session ID: ee439de1c66b2ec06185ac4e760c0be6
  Parameters: {"action"=>"login", "controller"=>"login"}
Redirected to https://localhost/nephrology
Filter chain halted as
[#<ActionController::Filters::ClassMethods::SymbolFilter:0x32678a4
@filter=:ensure_proper_protocol>] returned false.
Completed in 0.00010 (10000 reqs/sec) | DB: 0.00000 (0%) | 302 Found
[http://localhost/nephrology]

Anyway can help me out?

It's doing exactly what it should - redirecting through https because
the original request was http. For testing purposes you might want to
override the ssl_required? method to not bother redirecting unless in
production.

    def ssl_required?
      ((self.class.read_inheritable_attribute(:ssl_required_actions)

[]).include?(action_name.to_sym)) && RAILS_ENV == 'production'

    end

Hope this helps.

Thanks for the feedback, Eric and Zack.

It redirects correct, the url is going to the https:/localhost/
(notice no port!)
But then an error number is returned (-122...).

I read somewhere that I should run another instance of webrick, on a
https port, is this correct?

Joram wrote:

I read somewhere that I should run another instance of webrick, on a
https port, is this correct?

No. You need to run a separate web server to handle the SSL requests.
It will then forward all requests to your Webrick or Mongrel instances.
See <a
href=‘http://www.buildingwebapps.com/articles/6401-using-ssl-in-rails-applications’>Building
Web Apps</a> for a pretty good tutorial.