sandover/gist:335592

## gistfile1.rb
  def authenticate
    authenticate_or_request_with_http_basic do | username,password |
      return false if username.blank? || password.blank?
      username.strip!.downcase!

      # Check to see if this request provides a session cookie.
      # If the user id is in the session database, they pass right thru
      @current_user = User.find_by_username( session[:user_id] ) if session[:user_id]
      return if @current_user

      # If no cookie, check access list. If found, put user in session table
      if ACCESS_LIST[ username ] == password
        @current_user = User.find_or_create_by_username( username )
        session[:user_id] = username   # Put username in the session, for lookup next time
        return
      end

      # Still not authorized -- now try ESO.
      begin
        driver = SOAP::WSDLDriverFactory.new(ESO_WEB_SERVICE_URL).create_rpc_driver
        result = driver.Authenticate( { :username => username, :password => password} )
        if result.authenticateResult == 'VALID_USER'
          # try to load the user from the database, if does not exist, create him/her
          @current_user = User.find_or_create_by_username(username)
          session[:user_id] = username   # Put username in the session, for lookup next time
          return
        end
      rescue
        # Either exception threw or result wasn't valid
      end
      generate_render("401 Unauthorized user or incorrect password: #{username}")
    end
  end

  def generate_render( render_msg )
    @result = render_msg
    render :text => render_msg, :status => render_msg.split(" ").first
  end
	def authenticate
	authenticate_or_request_with_http_basic do \| username,password \|
	return false if username.blank? \|\| password.blank?
	username.strip!.downcase!

	# Check to see if this request provides a session cookie.
	# If the user id is in the session database, they pass right thru
	@current_user = User.find_by_username( session[:user_id] ) if session[:user_id]
	return if @current_user

	# If no cookie, check access list. If found, put user in session table
	if ACCESS_LIST[ username ] == password
	@current_user = User.find_or_create_by_username( username )
	session[:user_id] = username # Put username in the session, for lookup next time
	return
	end

	# Still not authorized -- now try ESO.
	begin
	driver = SOAP::WSDLDriverFactory.new(ESO_WEB_SERVICE_URL).create_rpc_driver
	result = driver.Authenticate( { :username => username, :password => password} )
	if result.authenticateResult == 'VALID_USER'
	# try to load the user from the database, if does not exist, create him/her
	@current_user = User.find_or_create_by_username(username)
	session[:user_id] = username # Put username in the session, for lookup next time
	return
	end
	rescue
	# Either exception threw or result wasn't valid
	end
	generate_render("401 Unauthorized user or incorrect password: #{username}")
	end
	end

	def generate_render( render_msg )
	@result = render_msg
	render :text => render_msg, :status => render_msg.split(" ").first
	end