Securing a single URL on our site
16 views
Skip to first unread message
vanderkerkoff
Feb 26, 2014, 4:37:37 AM2/26/14
to rubycas...@googlegroups.com
Hello everyone
I'm using the rubycas client to secure a controller, RestrictedController, with a before filter.
I'm then using that controller to create other controllers on our site.
One controller, the pages controller, we don't secure, so we don't create the pages controller from the restricted controller.
Someone has asked if we could restrict one page with the rubycas client.
Is that even possible?
If anyone has tried this before, or has any ideas(like tell them to go away), I'd love to hear them.
Thanks in advance
Matt
Robert Mitwicki
Feb 26, 2014, 4:53:09 AM2/26/14
to rubycas...@googlegroups.com
Hi,
If I understood you correctly, I think that what you are looking for
is before_filter :except || :only
so for example if you have a controller like:
class RestrictedController
before_filter CASClient::Frameworks::Rails::Filter, :except => [:dashboard]
end
and then if you will have
class PageController < RestrictedController
def dashboard
end
end
Then the dashboard action will not be restricted.
You can do opposite thing with using :only => [:dasboard] which means
that it will restrict only dashboard action.
Or you could use:
skip_filter CASClient::Frameworks::Rails::Filter, :only => [:dashboard]
in PageController then you do not need to do anything in RestrictedController
I hope that this will help you solve your problem.
Best regards
> --
> You received this message because you are subscribed to the Google Groups
> "RubyCAS" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to rubycas-serve...@googlegroups.com.
> To post to this group, send email to rubycas...@googlegroups.com.
> Visit this group at http://groups.google.com/group/rubycas-server.
> For more options, visit https://groups.google.com/groups/opt_out.
--
Robert Mitwicki
Senior Software Engineer
FXI Technologies
If I understood you correctly, I think that what you are looking for
is before_filter :except || :only
so for example if you have a controller like:
class RestrictedController
before_filter CASClient::Frameworks::Rails::Filter, :except => [:dashboard]
end
and then if you will have
class PageController < RestrictedController
def dashboard
end
end
Then the dashboard action will not be restricted.
You can do opposite thing with using :only => [:dasboard] which means
that it will restrict only dashboard action.
Or you could use:
skip_filter CASClient::Frameworks::Rails::Filter, :only => [:dashboard]
in PageController then you do not need to do anything in RestrictedController
I hope that this will help you solve your problem.
Best regards
> You received this message because you are subscribed to the Google Groups
> "RubyCAS" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to rubycas-serve...@googlegroups.com.
> To post to this group, send email to rubycas...@googlegroups.com.
> Visit this group at http://groups.google.com/group/rubycas-server.
> For more options, visit https://groups.google.com/groups/opt_out.
--
Robert Mitwicki
Senior Software Engineer
FXI Technologies
Reply all
Reply to author
Forward
0 new messages