Build Robust Security into a Rails-Based Wiki System
Learn how to add robust security features to a simple wiki system built on the Rails platform.
by Anil Hemrajani
June 27, 2007
ne of the core advantages of wiki systems is the ability to edit web pages stored on a server through a web browser. However, this function also allows administrators to look at the contents of your wiki pages, particularly if your wiki uses a shared server. If you store confidential information on that server, this is an especially undesirable compromise. A simple solution to this dilemma is to store the web pages in an encrypted form and use authentication to access them in a readable form.
Building on the wiki file-management system created in a previous DevX article ("Build a Wiki System with Rails"), this article demonstrates how to add authentication and encryption security features to the system (see Sidebar 1 for an overview of these security concepts). This simple system, called RailsWiki, offers basic web page management features such as view, edit, print, and so on (Figure 1 presents its basic design).
It's quick, easy and you get access to all the articles on DevX.
This registration/login is to allow you to read articles on devx.com. Already a member?
To become a member of DevX.com create your Member Profile by completing the form below. Membership is free!
ne of the core advantages of wiki systems is the ability to edit web pages stored on a server through a web browser. However, this function also allows administrators to look at the contents of your wiki pages, particularly if your wiki uses a shared server. If you store confidential information on that server, this is an especially undesirable compromise. A simple solution to this dilemma is to store the web pages in an encrypted form and use authentication to access them in a readable form.
