Tuesday, August 08, 2006

Getting your favorite home brew application to run on the corporate servers can always be a chore. This is especially true when your corporate servers are exclusively Windows/IIS and single sign on is a requirement for all internal applications. Getting you app up and running is made even harder when you went out on a limb and wrote it using ruby on rails.

Now you are in a pickle. You now love ruby and rails, but in order to show off your new application you have to run it on the previously mentioned environment. Following is my solution to this very problem.

First get your hands on a ReverseProxy (I used http://www.saltypickle.com/Home/16). Install your application as a windows service using mongrel (http://mongrel.rubyforge.org/) a very fine and easy http/rails server. Set your IIS virtual directory to use only integrated authentication. Next setup (configure or hack) your ReverseProxy to forward request onto your mongrel service, and to add an http header populated with the authenticated users user name. Finally add a before filter guarding any actions you want to limit access to and match the value past in the http header from the ReverseProxy to grant or deny access. Finally, fix any bugs you may encounter (there were a few to get redirects working), and happy days, you are in business!

Details to come...