- sdudley1
Has anyone else dabbled in it? We're embracing it more and more. Developing systems in Ruby takes us about half the time and collaboration and deployment are much easier (partially thanks to SVN and Capistrano).
We're now going to begin creating apps that are outward-facing using Ruby. Obviously one issue is the lack fo any example code for a Ruby on Rails WebAuth client interface. If anyone out there is curious or needs a kickstart in this category. The Ruby code below is a fully functional WebAuth interface for Rails (notice how little code it takes compared to PHP).
Is anyone out there jumping on the Ruby bandwagon like us?
A complete WebAuth interface in Ruby:
def authorize
reply = `/usr/local/asuwebauth/verify webauth.asu.edu #{cookies[:ASUWEBAUTH]} #{request.remote_ip}`.split(":") if cookies[:ASUWEBAUTH]
@asurite = reply[1].split("@").first if reply && reply.first == '0'
redirect_to "https://weblogin.asu.edu/cgi-bin/login?callapp=#{host}" unless @asurite
end
Wow - that webauth interface is slick. What have you been using Rails for?
We're moving entirely to Rails at this point, all of our new projects are being written in beautiful Ruby.
Just for those looking to harden their rails apps to th emany thugs and vandels out there here is a pretty good resource for some measures to avoid attacks, such as SQL Injection, Cross Site Reference(or Request) Forgery (CSRF), Cross site scripting(XSS) attack, etc.
http://www.quarkruby.com/2007/9/20/ruby-on-rails-security-guide
Enjoy and be safe out there.
The waters are murky and the sharks are always looking for easy prey.
gt @ biodesign institute