Module: Caterpillar::Security

Defined in:: lib/caterpillar/security.rb

Overview

Security methods for Rails controllers. Request authentication is based on shared secret key, that is the Rails’ session secret.

Filters (see Caterpillar::Security::InstanceMethods)

authorize_agent
authorize_request
get_liferay_uid

To enable session security, insert this into ApplicationController:

include Caterpillar::Security
secure_portlet_sessions
before_filter [:authorize_agent, :authorize_request], :only => :get_liferay_uid
before_filter :get_liferay_uid

Defined Under Namespace

Modules: ClassMethods, InstanceMethods

Class Method Summary collapse

.included(base) ⇒ Object

:nodoc:.
.random_secret(len = 64) ⇒ Object

Class Method Details

.included(base) ⇒ `Object`

:nodoc:



27
28
29

# File 'lib/caterpillar/security.rb', line 27

def self.included(base) # :nodoc:
  base.extend(ClassMethods)
end

.random_secret(len = 64) ⇒ `Object`

# File 'lib/caterpillar/security.rb', line 31

def self.random_secret(len=64)
  chars = ('a'..'z').to_a + ('A'..'Z').to_a + (0..9).to_a
  (0...len).collect { chars[Kernel.rand(chars.length)] }.join
end