authorization realm in rails context

#1
I have setup a virtual host using the EasyRailsWithSuEXEC template, and I have instantiated it. Lite Speed is properly passing on control to the Rails application. The URL "http://mydomain.com/admin" returns a page generated by Rails. I want to add a context to this virtual host that will limit access to the URI "/admin" using an authorization realm.

In the virtual host's Security pane, I added a password file based realm which has a single user entry. Once this was done, I went to the virtual host's Context pane and added a second context. I assigned it a "Rails" type. I set the URI for this context to "/admin". I set the realm to the newly created realm. I left the Location setting blank.

I saved the context definition. This second context had a sequence of 2. The first Rails context (for URI "/") had a sequence of 1. I applied the changes, and clicked on "Graceful Restart". The web server would not start after that. I even tried rebooting the computer and then executing the "lswsctrl start" command, but the thread for the Lite Speed server would crash with a KERN_PROTECTION_FAILURE error message. I needed to reinstall Lite Speed, version 2.2.2, to get the server running again.

Once again I tried applying an authorization realm, but this time I created a new context of type "Static". I set the URI to "/admin", set the realm to the one I created, and left Location blank. I also set Accessible to "No". I saved, applied the changes, and restarted the server. The server didn't crash this time. When I tried to access the /admin URI on the virtual host, I received a "403 Access Denied" page. The server did not ask me for username and password. I went back and changed the context setting Accessible to "Yes". After applying this change, the /admin page was returned, and once again the server failed to ask for username and password.

What am I doing wrong? How do I set up the server to limit access to a particular URI in a Rails application?

I am running Lite Speed on a PowerPC-based, dual processor PowerMac G5, Mac OS X 10.4.8.
 

mistwang

LiteSpeed Staff
#2
Location cannot be blank for static context, if you check your error log, it should complain that, you need to create "admin" directory if it does not exist under public/ folder, justa empty directory is ok, then use value "$DOC_ROOT/admin/" or just "admin/" for the location. Accessible should be "Yes" unless you want to block access to that URL.
 
#3
That did the trick. Once I created an empty admin directory, with Accessible set to "Yes", authentication worked. I was prompted for username and password the next time I accessed the /admin URI.

Thanks.
 
Top