Lauro Caetano
|
b1b9a0aeca
|
Typos. return -> returns. [ci skip]
|
2013-12-03 13:31:36 -02:00 |
|
Trevor Turk
|
2edf657a64
|
Remove comments about removing LegacyKeyGenerator in 4.1
|
2013-04-03 08:28:37 -05:00 |
|
Trevor Turk
|
7c7a427344
|
Rename DummyKeyGenerator -> LegacyKeyGenerator
|
2013-04-02 18:41:57 -05:00 |
|
Brad Dunbar
|
95332abe09
|
Digest auth should not 500 when given a basic header.
|
2013-03-18 14:50:47 -04:00 |
|
Francesco Rodriguez
|
a53a7bea80
|
update documentation and code to use _action callbacks
|
2012-12-07 14:46:06 -05:00 |
|
Santiago Pastorino
|
c2a7956eb7
|
Move ensure_secret_secure to DummyKeyGenerator
|
2012-11-03 14:57:54 -02:00 |
|
Santiago Pastorino
|
5d23925f84
|
Use derived keys everywhere, http_authentication was missing it
|
2012-11-03 14:57:54 -02:00 |
|
Arthur Smith
|
b3e2abc4b1
|
Fix for digest authentication bug - issue #2301 in rails/rails
|
2012-08-02 15:24:08 -04:00 |
|
kennyj
|
131083b819
|
Should use an argument in http_digest_authentication_test.rb
|
2012-03-17 20:23:28 +09:00 |
|
Piotr Sarnacki
|
3131a93797
|
Fix http digest authentication with trailing '/' or '?' (fixes #4038 and #3228)
|
2011-12-21 00:02:58 +01:00 |
|
Jarrod Carlson
|
53c1ae99f5
|
Added failing test to demonstrate digest authentication failure
|
2011-12-20 18:03:49 +01:00 |
|
José Valim
|
6690d66292
|
Rename config.cookie_secret to config.secret_token and pass it as configuration in request.env. This is another step forward removing global configuration.
|
2010-04-05 12:00:24 +02:00 |
|
Carlhuda
|
e311622e7b
|
Deprecated ActionController::Base.session_options= and ActionController::Base.session_store= in favor of a config.session_store method (which takes params) and a config.cookie_secret variable, which is used in various secret scenarios. The old AC::Base options will continue to work with deprecation warnings.
|
2010-03-04 16:05:52 -08:00 |
|
Carlhuda
|
5e0a05b8cb
|
Tweak the semantic of various URL related methods of ActionDispatch::Request
|
2010-03-03 21:23:34 -08:00 |
|
Carlhuda
|
bf9913f8f4
|
Move session_store and session_options to the AC configuration object
|
2010-03-03 15:49:52 -08:00 |
|
José Valim
|
32bde66aa6
|
Make http digest work with different server/browser combinations
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
|
2009-08-09 15:53:52 +01:00 |
|
nate
|
f68cc639f5
|
A test to show that http_authentication needs to fail authentication if the password procedure returns nil. Also includes a fix to validate_digest_response to fail validation if the password procedure returns nil.
Signed-off-by: Michael Koziarski <michael@koziarski.com>
|
2009-06-09 19:47:53 +12:00 |
|
Pratik Naik
|
1a52b246eb
|
Add HTTP Authentication to the new base
|
2009-05-22 00:29:47 +02:00 |
|
Pratik Naik
|
195fadbfd3
|
Ensure HTTP Digest auth uses appropriate HTTP method [#2490 state:resolved] [Steve Madsen]
|
2009-05-18 16:59:37 +02:00 |
|
Joshua Peek
|
0494909679
|
Inherit TestSession from Session::AbstractStore and add indifferent access to Session::AbstractStore.
|
2009-04-26 14:33:57 -05:00 |
|
Donald Parish
|
be7b64b35a
|
Support MD5 passwords for Digest auth and use session_options[:secret] in nonce [#2209 state:resolved]
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
|
2009-03-12 13:24:54 +00:00 |
|
Donald Parish
|
86d8f92282
|
Fixed http digest authentication to use credentials URI passed from client. [#1848 state:resolved]
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
|
2009-02-16 20:20:23 +01:00 |
|
Gregg Kellogg
|
306cc2b920
|
Implement HTTP Digest authentication. [#1230 state:resolved] [Gregg Kellogg, Pratik Naik]
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
|
2009-01-29 16:01:59 +00:00 |
|
Pratik Naik
|
c99ef814b0
|
Revert "HTTP Digest authentication [#1230 state:resolved]"
This reverts commit 45dee3842d .
Reasons :
1. The code is not working in it's current state
2. Should not be using exceptions for flow control
|
2009-01-13 16:13:42 +00:00 |
|
Joshua Peek
|
45dee3842d
|
HTTP Digest authentication [#1230 state:resolved]
|
2008-12-28 15:13:16 -06:00 |
|