In this whitepaper, NCC Group Senior Security Consultant Tomek Rabczak, and Jeff Jarmoc, formerly of NCC Group and now Lead Product Security Engineer at Salesforce, explore Ruby on Rails Authentication and Authorization patterns and pitfalls.
The paper also includes information about a new tool, Boilerman, that helps developers and penetration testers explore authentication and authorization filters in a ‘live rails’ application.
https://www.nccgroup.trust/uk/our-research/?research=Whitepapers
