HTTPAuth provides both basic and digest authentication.

To enable authentication for requests in WEBrick you will need a user database and an authenticator. To start, here’s an Htpasswd database for use with a DigestAuth authenticator:

config = { :Realm => 'DigestAuth example realm' }

htpasswd = WEBrick::HTTPAuth::Htpasswd.new 'my_password_file'
htpasswd.auth_type = WEBrick::HTTPAuth::DigestAuth
htpasswd.set_passwd config[:Realm], 'username', 'password'
htpasswd.flush

The :Realm is used to provide different access to different groups across several resources on a server. Typically you’ll need only one realm for a server.

This database can be used to create an authenticator:

config[:UserDB] = htpasswd

digest_auth = WEBrick::HTTPAuth::DigestAuth.new config

To authenticate a request call #authenticate with a request and response object in a servlet:

def do_GET req, res
  @authenticator.authenticate req, res
end

For digest authentication the authenticator must not be created every request, it must be passed in as an option via WEBrick::HTTPServer#mount.

Show files where this module is defined (8 files)
Register or log in to add new notes.