Maintenance of Ruby 2.0.0 ended on February 24, 2016. Read more

In Files

  • webrick/httpauth/basicauth.rb


Basic Authentication for WEBrick

Use this class to add basic authentication to a WEBrick servlet.

Here is an example of how to set up a BasicAuth:

config = { :Realm => 'BasicAuth example realm' }

htpasswd = 'my_password_file'
htpasswd.set_passwd config[:Realm], 'username', 'password'

config[:UserDB] = htpasswd

basic_auth = config



Public Class Methods

make_passwd(realm, user, pass) click to toggle source

Used by UserDB to create a basic password entry

               # File webrick/httpauth/basicauth.rb, line 42
def self.make_passwd(realm, user, pass)
  pass ||= ""
new(config, default=Config::BasicAuth) click to toggle source

Creates a new BasicAuth instance.

See WEBrick::Config::BasicAuth for default configuration entries

You must supply the following configuration entries:


The name of the realm being protected.


A database of usernames and passwords. A WEBrick::HTTPAuth::Htpasswd instance should be used.

               # File webrick/httpauth/basicauth.rb, line 60
def initialize(config, default=Config::BasicAuth)
  @config = default.dup.update(config)

Public Instance Methods

authenticate(req, res) click to toggle source

Authenticates a req and returns a 401 Unauthorized using res if the authentication was not correct.

               # File webrick/httpauth/basicauth.rb, line 69
def authenticate(req, res)
  unless basic_credentials = check_scheme(req)
    challenge(req, res)
  userid, password = basic_credentials.unpack("m*")[0].split(":", 2)
  password ||= ""
  if userid.empty?
    error("user id was not given.")
    challenge(req, res)
  unless encpass = @userdb.get_passwd(@realm, userid, @reload_db)
    error("%s: the user is not allowed.", userid)
    challenge(req, res)
  if password.crypt(encpass) != encpass
    error("%s: password unmatch.", userid)
    challenge(req, res)
  info("%s: authentication succeeded.", userid)
  req.user = userid
challenge(req, res) click to toggle source

Returns a challenge response which asks for for authentication information

               # File webrick/httpauth/basicauth.rb, line 95
def challenge(req, res)
  res[@response_field] = "#{@auth_scheme} realm=\"#{@realm}\""
  raise @auth_exception

Commenting is here to help enhance the documentation. For example, code samples, or clarification of the documentation.

If you have questions about Ruby or the documentation, please post to one of the Ruby mailing lists. You will get better, faster, help that way.

If you wish to post a correction of the docs, please do so, but also file bug report so that it can be corrected for the next release. Thank you.

If you want to help improve the Ruby documentation, please visit