This article is part of the confusing world of Authentication in Rails. Feel free to help: AuthenticationNeedsHelp.
There are many ways to do authentication, but restful_authentication stands out as one of the more widely used solutions.
Authentication implementations
- restful_authentication – similar to acts_as_authenticated (see below), by technoweenie for RESTful interfaces
- Acts_as_authenticated – based on LoginGenerator; easier to use than SaltedHashLoginGenerator and ready for Rails 1.2. DEPRECATED : Use restful_authentication instead.
- A_quick_and_dirty_homemade_authentication_solution – a solution in as few as 26 lines of code that doesn’t require any downloads. This is good for a beginning Ruby on Rails user.
- LoginGenerator – A controller/model/view generator for adding authentication, users, and logins to your rails app. Superseded by Acts_as_authenticated.
- Crypted Authentication Plugin – A simple but effective encrypted password plugin for Rails. It deals with the encryption of a clear-text password using a randomly generated salt, and authentication. It does not try to do too much – it makes no major assumptions about your domain and only requires a small change to your schema to implement. It is extracted from code used on several projects and contains a full BDD-style test suite.
- OpenID – A decentralized URL based identity system. An OpenID is simply a URL, and all the OpenID specification does is describe a way to securely prove that the user owns that URL. Particulary useful where SSO is needed.
- ActiveDirectory – How to authenticate via active directory
- SaltedHashLoginGenerator – A generator based on the LoginGenerator by TobiasLuetke. This generator adds ActionMailer support for changed and forgotten passwords, as well as account verification via a registration email with a custom URL sent to the user’s registered address.
- LoginSugar – An improved version of SaltedHashLoginGenerator.
- Auth_generator – A generator by penso. There is a video and information how to install it. It supports different ways to crypt password (MD5, SHA, SHA+login as a salt), all the usual features (send email for forgotten password, create account, resent confirmation, etc).
- ActiveRBAC – Role Based Access Control
- Goldberg – A more comprehensive security solution that also includes role-based access control, site navigation, a simple CMS and a management interface.