> I don't know yet why the SSL enforcing tests are failing yet. I was > focused on getting the basic database authentication working. Now, I'm going > to add support for OpenID and Basic HTTP Auth and then I'll take a look back > at the SSL tests. >
Ok, here's why: The ssl_required? filter in application_controller.rb checks if the session is active. It does that by looking at request.session_options[:expire_after]. I suspect that Device does not use these options at all, so whatever Device uses for sessions needs to be plugged into that method. Any ideas for a good replacement? Christian -- To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected]
