Hi,

> From: Michael Neumann [mailto:520079130762-0001 / t-online.de] 
> Sent: Wednesday, October 23, 2002 5:18 PM

> > Can you run your server with XMLRPC::CGIServer on WEBrick,
> > Apache or some httpd?  Those httpds have IP-based/BasicAuth
> > authentication/authorization functionalities.
> 
> There's also a WEBrickServlet server for xmlrpc4r.
> Maybe this helps.

I'm not aware there it is!  Good.  I and an author of
WEBrick are working to build an app server on
www.ruby-lang.org to host XML-RPC, SOAP and other services.
(It runs as CGI now)  We'll use it.

Hmm.  require_path_info? was deprecated from WEBrick/1.2.2.
No need to define it although it does not break anything.

> I've added a ip_auth_handler method in class Server, which is called
> from method serve (in httpserver.rb) before request_handler is called.
> This method should return true if the client is allowed to connect,
> otherwise false.
> This way, you can simply override Server#ip_auth_handler to perform
> IP-based restrictions.

standaloneServer.rb in SOAP4R should follow the change
of your httpserver.rb.

> What's the right status code when IP auth disallows access? 
> 405 - Method not allowed?

403 Forbidden, I think.

Regards,
// NaHi