Has Anyone Successfully Configured isapi_fcgi.dll For Basic Authentication Pass-Through?

Topics: Other Ruby On Rails Related Topics
Coordinator
Dec 23, 2006 at 8:06 AM
Lets suppose for a minute that your Rails application controller handles your application's authentication by connecting to your database to verify the authenticity of the requesting user as so:

  def authenticate(username,password)
    if !User.findbyname(user).is_authentic(password)
      render_unauthorized()
    end
  end
 
  def render_unauthorized
    response.headers['Status'] = '401 Unauthorized' 
    response.headers['WWW-Authenticate'] = 'Basic realm="MyRealm"'
    render( :status => '401 Unauthorized' )
  end

If you run your Rails application under Webrick and fetch a page through your browser, you will be prompted for credentials.

If you run your Rails application under IIS using Fast-CGI (using my installer), you will not be prompted for credentials. According to the documentation of Shane's isapi_fcgi.dll, there is a way to configure authentication to be passed from Rails -> FCGI -> IIS and then responded to the requesting client. When I initially built the installer, I tried configuring it work this way but could not figure out how to make it work properly.

If anyone has or figures out how to successfully pass through basic authentication, please post your findings here. I will look back through his documentation and play around to see if I can figure it out. Without this feature, you must rely on windows authentication methods for locking down your Rails application under IIS.

Brent