Feature #6312
Updated by Tom Clegg over 9 years ago
May require additional work on the download server to support whatever authentication mechanism is needed.
* One possibility is to "decode a Workbench cookie":http://big-elephants.com/2014-01/handling-rails-4-sessions-with-go/ with configured rails-secret-token (suitable if nginx is mapping a namespace under workbench onto the downloader, or using a cookie domain[1] to tell the browser to send the cookie to the downloader host as well)
Workbench needs a config knob for "base uri for downloads" (use built-in if not configured) if not relying on nginx mapping a namespace
Workbench needs to set a more permissive cookie domain or (if not relying on nginx mapping) use JS tricks for download links
fn1. Or a route that copies Authorization to an encrypted cookie?