
ruby-changes:17224

From: drbrain <ko1@a...>
Date: Sat, 11 Sep 2010 15:22:03 +0900 (JST)
Subject: [ruby-changes:17224] Ruby:r29224 (trunk): Add documentation for WEBrick's DigestAuth

drbrain	2010-09-11 15:21:51 +0900 (Sat, 11 Sep 2010)

  New Revision: 29224

  http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=29224

  Log:
    Add documentation for WEBrick's DigestAuth

  Modified files:
    trunk/ChangeLog
    trunk/lib/webrick/config.rb
    trunk/lib/webrick/httpauth/digestauth.rb

Index: ChangeLog
===================================================================
--- ChangeLog	(revision 29223)
+++ ChangeLog	(revision 29224)
@@ -1,3 +1,11 @@
+Sat Sep 11 15:19:57 2010  Eric Hodel  <drbrain@s...>
+
+	* lib/webrick/httpauth/digestauth.rb (WEBrick::Config::DigestAuth):
+	  Add documentation
+
+	* lib/webrick/config.rb (WEBrick::Config::DigestAuth): Add
+	  documentation
+
 Sat Sep 11 12:32:05 2010  Nobuyoshi Nakada  <nobu@r...>
 
 	* include/ruby/intern.h (rb_set_kcode, rb_get_kcode): removed
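Review bot: The first ChangeLog entry, the one for lib/webrick/httpauth/digestauth.rb, names WEBrick::Config::DigestAuth in parentheses, but the comments added in that file are on class DigestAuth inside module WEBrick / module HTTPAuth. Suggest `(WEBrick::HTTPAuth::DigestAuth)` for that entry, keeping WEBrick::Config::DigestAuth only for the lib/webrick/config.rb entry.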
Index: lib/webrick/httpauth/digestauth.rb
===================================================================
--- lib/webrick/httpauth/digestauth.rb	(revision 29223)
+++ lib/webrick/httpauth/digestauth.rb	(revision 29224)
@@ -19,6 +19,30 @@
 
 module WEBrick
   module HTTPAuth
+
+    ##
+    # RFC 2617 Digest Access Authentication for WEBrick
+    #
+    # Use this class to add digest authentication to a WEBrick servlet.
+    #
+    # Here is an example of how to set up DigestAuth:
+    #
+    #   config = { :Realm => 'DigestAuth example realm' }
+    #
+    #   htpasswd = WEBrick::HTTPAuth::Htpasswd.new 'my_password_file'
+    #   htpasswd.auth_type = WEBrick::HTTPAuth::DigestAuth
+    #   htpasswd.set_passwd config[:Realm], 'username', 'password'
+    #   htpasswd.flush
+    #
+    #   config[:UserDB] = htpasswd
+    #
+    #   digest_auth = WEBrick::HTTPAuth::DigestAuth.new config
+    #
+    # When using this as with a servlet be sure not to create a new DigestAuth
+    # object in the servlet's #initialize.  By default WEBrick creates a new
+    # servlet instance for every request and the DigestAuth object must be
+    # used across requests.
+
     class DigestAuth
       include Authenticator
 
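Review bot: The closing paragraph of the class comment reads "When using this as with a servlet"; drop the "as". That paragraph carries the operational warning (a DigestAuth created in the servlet's #initialize is rebuilt for every request and loses the state it needs across requests), yet the example above it stops at `DigestAuth.new config`. Suggest extending the example to show the object being created once outside the servlet and then used with `digest_auth.authenticate(req, res)`, so the reuse requirement is visible in the sample itself.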
@@ -26,11 +50,27 @@
       OpaqueInfo = Struct.new(:time, :nonce, :nc)
       attr_reader :algorithm, :qop
 
+      ##
+      # Used by UserDB to create a password entry
+
       def self.make_passwd(realm, user, pass)
         pass ||= ""
         Digest::MD5::hexdigest([user, realm, pass].join(":"))
       end
 
+      ##
+      # Creates a new DigestAuth instance.  Be sure to use the same DigestAuth
+      # instance for multiple requests as it saves state between requests in
+      # order to perform authentication.
+      #
+      # See WEBrick::Config::DigestAuth for default configuration entries
+      #
+      # You must supply the following configuration entries:
+      #
+      # :Realm:: The name of the realm being protected.
+      # :UserDB:: A database of usernames and passwords.  See Htpasswd,
+      #           Htdigest, Htgroup
+
       def initialize(config, default=Config::DigestAuth)
         check_init(config)
         @config                 = default.dup.update(config)
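Review bot: The comment on self.make_passwd says only that it is "Used by UserDB to create a password entry" and should state what the entry is: the body shows it is the MD5 hex digest of user, realm and pass joined with ":", with a nil pass treated as an empty string. Because the realm is part of the hashed string, it is worth one more sentence that stored entries are tied to the :Realm they were created with. In the initialize comment, the "See WEBrick::Config::DigestAuth for default configuration entries" sentence is missing its period.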
@@ -62,6 +102,10 @@
         @mutex = Mutex.new
       end
 
+      ##
+      # Authenticates a +req+ and returns a 401 Unauthorized using +res+ if
+      # the authentication was not correct.
+
       def authenticate(req, res)
         unless result = @mutex.synchronize{ _authenticate(req, res) }
           challenge(req, res)
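Review bot: The comment on authenticate says it "returns a 401 Unauthorized using +res+", which leaves unclear what the caller actually observes on failure; the visible body only shows that a falsy result from _authenticate leads to `challenge(req, res)`. Suggest wording it as "sends a challenge via #challenge when authentication fails" and stating what is returned on success. A sentence noting that the check runs inside `@mutex.synchronize` would also tell readers that authentication is serialized on the shared instance.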
@@ -72,6 +116,10 @@
         return true
       end
 
+      ##
+      # Returns a challenge response which asks for for authentication
+      # information
+
       def challenge(req, res, stale=false)
         nonce = generate_next_nonce(req)
         if @use_opaque
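Review bot: The comment on challenge has a doubled word, "asks for for authentication information", and no closing period. It also leaves the `stale` parameter (default false) undocumented; since the signature is `challenge(req, res, stale=false)`, one line saying when a caller should pass true would complete the description.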
Index: lib/webrick/config.rb
===================================================================
--- lib/webrick/config.rb	(revision 29223)
+++ lib/webrick/config.rb	(revision 29224)
@@ -82,6 +82,27 @@
       :AutoReloadUserDB     => true,
     }
 
+    ##
+    # Default configuration for WEBrick::HTTPAuth::DigestAuth.
+    #
+    # :Algorithm:: MD5, MD5-sess (default), SHA1, SHA1-sess
+    # :Domain:: An Array of URIs that define the protected space
+    # :Qop:: 'auth' for authentication, 'auth-int' for integrity protection or
+    #        both
+    # :UseOpaque:: Should the server send opaque values to the client?  This
+    #              helps prevent replay attacks.
+    # :CheckNc:: Should the server check the nonce count?  This helps the
+    #            server detect replay attacks.
+    # :UseAuthenticationInfoHeader:: Should the server send an
+    #                                AuthenticationInfo header?
+    # :AutoReloadUserDB:: Reload the user database provided by :UserDB
+    #                     automatically?
+    # :NonceExpirePeriod:: How long should we store used nonces?  Default is
+    #                      30 minutes.
+    # :NonceExpireDelta:: How long is a nonce valid?  Default is 1 minute
+    # :InternetExplorerHack:: Hack which allows Internet Explorer to work.
+    # :OperaHack:: Hack which allows Opera to work.
+
     DigestAuth = {
       :Algorithm            => 'MD5-sess', # or 'MD5'
       :Domain               => nil,        # an array includes domain names.
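Review bot: The :NonceExpirePeriod and :NonceExpireDelta entries give their defaults as "30 minutes" and "1 minute" but never say what unit the setting itself takes, so a reader cannot tell what number to write in the hash; state the unit next to each default. The :UseOpaque and :CheckNc entries are described as replay protections but their default values are not given, unlike :Algorithm, and :InternetExplorerHack and :OperaHack say only that they are hacks without saying what check they change. Also, ":UseAuthenticationInfoHeader" is described as sending an "AuthenticationInfo header"; RFC 2617 spells that header Authentication-Info.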

--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/
