Say you are working on a site that has a splash/landing page that is public, but the site rest of the site needs to be locked down to a small group of people to alpha test. You could build this into your authentication model, or you could do it quickly and easily using HTTP Digest Authentication.
Setting up Digest authentication is beyond the scope here, so I”ll refer you to: The API
Once that’s set up, its straight forward to use, but if a user tries to access a page and doesn’t have the correct credentials and they click cancel they will be redirected to an empty white page with the abrasive words: “HTTP Digest: Access denied.\n”
Its easy to send them to your 401.html living in public. You did create one didn’t you? Neither did I, but I just copied 404.html and replaced some of the text easy-peazy.
This customization relies on a monkey patch(or is it Freedom Patching).
module ActionController
module HttpAuthentication
module Digest
def authentication_request_with_customization(controller, realm, message=nil)
message = controller.render_to_string("public/401.html")
authentication_request_without_customization(controller, realm, message)
end
alias_method_chain :authentication_request, :customization
end
end
end
