You can add a before_filter to your controllers to ensure that the user is logged in.
I use restful authentication (that provides the login_required method), and I let anyone see the index listing of a table, or a show of any individual record, but create, update, new, delete, etc, are all locked behind a logged in session. before_filter :login_required, :except => [:index, :show] -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
