1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Commit graph

25 commits

Author SHA1 Message Date
Lauro Caetano
b1b9a0aeca Typos. return -> returns. [ci skip] 2013-12-03 13:31:36 -02:00
Trevor Turk
2edf657a64 Remove comments about removing LegacyKeyGenerator in 4.1 2013-04-03 08:28:37 -05:00
Trevor Turk
7c7a427344 Rename DummyKeyGenerator -> LegacyKeyGenerator 2013-04-02 18:41:57 -05:00
Brad Dunbar
95332abe09 Digest auth should not 500 when given a basic header. 2013-03-18 14:50:47 -04:00
Francesco Rodriguez
a53a7bea80 update documentation and code to use _action callbacks 2012-12-07 14:46:06 -05:00
Santiago Pastorino
c2a7956eb7 Move ensure_secret_secure to DummyKeyGenerator 2012-11-03 14:57:54 -02:00
Santiago Pastorino
5d23925f84 Use derived keys everywhere, http_authentication was missing it 2012-11-03 14:57:54 -02:00
Arthur Smith
b3e2abc4b1 Fix for digest authentication bug - issue #2301 in rails/rails 2012-08-02 15:24:08 -04:00
kennyj
131083b819 Should use an argument in http_digest_authentication_test.rb 2012-03-17 20:23:28 +09:00
Piotr Sarnacki
3131a93797 Fix http digest authentication with trailing '/' or '?' (fixes #4038 and #3228) 2011-12-21 00:02:58 +01:00
Jarrod Carlson
53c1ae99f5 Added failing test to demonstrate digest authentication failure 2011-12-20 18:03:49 +01:00
José Valim
6690d66292 Rename config.cookie_secret to config.secret_token and pass it as configuration in request.env. This is another step forward removing global configuration. 2010-04-05 12:00:24 +02:00
Carlhuda
e311622e7b Deprecated ActionController::Base.session_options= and ActionController::Base.session_store= in favor of a config.session_store method (which takes params) and a config.cookie_secret variable, which is used in various secret scenarios. The old AC::Base options will continue to work with deprecation warnings. 2010-03-04 16:05:52 -08:00
Carlhuda
5e0a05b8cb Tweak the semantic of various URL related methods of ActionDispatch::Request 2010-03-03 21:23:34 -08:00
Carlhuda
bf9913f8f4 Move session_store and session_options to the AC configuration object 2010-03-03 15:49:52 -08:00
José Valim
32bde66aa6 Make http digest work with different server/browser combinations
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
2009-08-09 15:53:52 +01:00
nate
f68cc639f5 A test to show that http_authentication needs to fail authentication if the password procedure returns nil. Also includes a fix to validate_digest_response to fail validation if the password procedure returns nil.
Signed-off-by: Michael Koziarski <michael@koziarski.com>
2009-06-09 19:47:53 +12:00
Pratik Naik
1a52b246eb Add HTTP Authentication to the new base 2009-05-22 00:29:47 +02:00
Pratik Naik
195fadbfd3 Ensure HTTP Digest auth uses appropriate HTTP method [#2490 state:resolved] [Steve Madsen] 2009-05-18 16:59:37 +02:00
Joshua Peek
0494909679 Inherit TestSession from Session::AbstractStore and add indifferent access to Session::AbstractStore. 2009-04-26 14:33:57 -05:00
Donald Parish
be7b64b35a Support MD5 passwords for Digest auth and use session_options[:secret] in nonce [#2209 state:resolved]
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
2009-03-12 13:24:54 +00:00
Donald Parish
86d8f92282 Fixed http digest authentication to use credentials URI passed from client. [#1848 state:resolved]
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
2009-02-16 20:20:23 +01:00
Gregg Kellogg
306cc2b920 Implement HTTP Digest authentication. [#1230 state:resolved] [Gregg Kellogg, Pratik Naik]
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
2009-01-29 16:01:59 +00:00
Pratik Naik
c99ef814b0 Revert "HTTP Digest authentication [#1230 state:resolved]"
This reverts commit 45dee3842d.

Reasons :

1. The code is not working in it's current state
2. Should not be using exceptions for flow control
2009-01-13 16:13:42 +00:00
Joshua Peek
45dee3842d HTTP Digest authentication [#1230 state:resolved] 2008-12-28 15:13:16 -06:00