advertisement
Premier Club Log In/Registration
  Include Code  Search Tips
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   SKILLBUILDING  |   TIP BANK  |   SOURCEBANK  |   FORUMS  |   NEWSLETTERS
Browse DevX
Build a Wiki System with Rails
Ride the Web Application Express with Ruby on Rails
Ruby on Rails Home Page
DevX: Security Zone
DevX: Web Development Zone
Sidebar 1. Overview of Security Concepts
Partners & Affiliates
advertisement
advertisement
advertisement
Rate this item | 0 users have rated this item.
Email this articleEmail this article
 
Build Robust Security into a Rails-Based Wiki System
Learn how to add robust security features to a simple wiki system built on the Rails platform. 

by Anil Hemrajani
June 27, 2007  
advertisement
ne of the core advantages of wiki systems is the ability to edit web pages stored on a server through a web browser. However, this function also allows administrators to look at the contents of your wiki pages, particularly if your wiki uses a shared server. If you store confidential information on that server, this is an especially undesirable compromise. A simple solution to this dilemma is to store the web pages in an encrypted form and use authentication to access them in a readable form.

Building on the wiki file-management system created in a previous DevX article ("Build a Wiki System with Rails"), this article demonstrates how to add authentication and encryption security features to the system (see Sidebar 1 for an overview of these security concepts). This simple system, called RailsWiki, offers basic web page management features such as view, edit, print, and so on (Figure 1 presents its basic design).

Click to enlarge
Figure 1. RailsWiki Design

The company I founded recently has been using this very application for a couple of months now to manage a dozen or so encrypted wiki pages. So this system has practical, real world applications.

What You Need
Since this article is a direct continuation of the previous article, primarily pointing out changes to the RailsWiki code, I strongly recommend reading the previous article first.
  • Ruby interpreter
  • RubyGems packaging system
  • The RailsWiki with security features source code
  • Gems:

    •   Next Page: Changes to the Views
    Page 1: IntroductionPage 3: Changes to the Model Classes
    Page 2: Changes to the ViewsPage 4: Changes to the Controller Class
    Untitled
    advertisement
    Advertising Info  |   Member Services  |   Permissions  |   Contact Us  |   Help  |   Feedback  |   Site Map  |   Network Map  |   About


    JupiterOnlineMedia

    internet.comearthweb.comDevx.commediabistro.comGraphics.com

    Search:

    Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

    Jupitermedia Corporate Info


    Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

    Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers
    Solutions
    Whitepapers and eBooks
    Intel PDF: Virtualization Delivers Data Center Efficiency
    Intel eBook: Managing the Evolving Data Center
    Microsoft Article: BitLocker Brings Encryption to Windows Server 2008
    Symantec eBook: The Guide to E-Mail Archiving and Management
    Microsoft Article: RODCs Transform Branch Office Security
    Go Parallel Article: James Reinders on the Intel Parallel Studio Beta Program
    		 Avaya Article: Advancing the State of the Art in Customer Service
    Adobe Acrobat Connect Pro: Web Conferencing and eLearning Whitepapers
    Avaya Article: Avaya AE Services Provide Rapid Telephony Integration with Facebook
    Go Parallel Article: Getting Started with TBB on Windows
    HP eBook: Storage Networking , Part 1
    MORE WHITEPAPERS, EBOOKS, AND ARTICLES
    Webcasts
    Intel Seminar: Efficiencies in Hardware/Software Virtualization
    HP Webcast: Disaster Recovery Planning
    Go Parallel Video: Performance and Threading Tools for Game Developers
    		 HP Video: StorageWorks EVA4400 and Oracle
    HP Webcast: Storage Is Changing Fast - Be Ready or Be Left Behind
    MORE WEBCASTS, PODCASTS, AND VIDEOS
    Downloads and eKits
    IBM TCO eKIT: Your IT Budget is Under Attack, Get in Control
    IBM Energy Efficiency eKIT: Learn How to Reduce Costs
    30-Day Trial: SPAMfighter Exchange Module
    		 Red Gate Download: SQL Toolbelt and free High-Performance SQL Code eBook
    Iron Speed Designer Application Generator
    MORE DOWNLOADS, EKITS, AND FREE TRIALS
    Tutorials and Demos
    Microsoft Article: Silverlight Streaming--Free Video Hosting for All
    Featured Algorithm: Intel Threading Building Blocks - parallel_reduce
    		 HP Demo: StorageWorks EVA4400
    MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES