Whitch of the authentication methodes to choose?

Hi List!

I was searching the web for a HowTo about authatication or session handling in rails. Finally I found Peak Obsession and read:

"This article is part of the confusing world of Authentication in Rails. Feel free to get lost in a gazillion of nearly useless and/or outdated Wikipages."

Hmm, that's funny, but reading more I found out there are two or three methods whitch seem to be not as bad as announced. I'm talking about "Acts_as_authenticated", "SaltedHashLoginGenerator" or "LoginGenerator".

But now, which to choose?

What I need is a secure authetication method. But what of them is still secure, or which is outdated or whatever? What are you using, or suggesting to me? Are there other alternatives?

Thank you all!

Daniel

The “gazillion” nearly useless pages probably is referring to the gazillion different generators and plugins that have been written, some of which are no longer supported by their authors. Authentication is such a common case, you would think it a perfect match for a plugin, but my experience is that users tend to be tied not just with authentication but also with other aspects of the application. This can lead to unexpected results when you log someone in with your fine plugin, then expect that user to has_many :posts or something like that.

I hope this explains a bit about why so many pages and methods exist for authentication.