Is the solution this simple ?
Remove:
config.action_controller.session = {
:session_key => '_formdir_session',
:secret => 'xxx'
}
from environment.rb ?
Will this disable the forgery_protection ?
And sorry if this is too far off topic - but there has recently been a
long discussion on how the sessions variables was affected by the use of
AS. But I should probably have written that in my first post.
/S
Soren wrote:
> Hi,
>
> Like many other apps I have now hit the ceiling on the Cookie based
> Session variables.
> So I tried to change to ActiveRecord based variables.
>
> Did so by changing:
> config/environment.rb:
> config.action_controller.session_store = :active_record_store
>
> Ran:
> rake db:sessions:create
> to create the sessions table database
>
> rake db:migrate
> To build and activate the new database
>
> But now no one can log into the application. I keep getting
> ActionController::InvalidAuthenticityToken
> (ActionController::InvalidAuthenticityToken):
> passenger (2.1.2) lib/phusion_passenger/rack/request_handler.rb:
> 65:in `process_request'
>
> I restarted the server and apache.
>
> I tried
> rake db:sessions:clear
>
> Did not help
>
> I do have the
> I must have missed something but what ?
>
> /S
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"ActiveScaffold : Ruby on Rails plugin" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/activescaffold?hl=en
-~----------~----~----~----~------~----~------~--~---
