> In your API controller, just put "session :disabled => true" on top.
That's a noop function, it results in a deprecation warning: "Disabling sessions for a single controller has been deprecated. Sessions are now lazy loaded. So if you don't access them, consider them off. You can still modify the session cookie options with request.session_options." > If you do need sessions, I would suggest just skipping the active > record store sessions completely and either moving on to the > cookiebased store or a memcache store (which will automatically drop > sessions once it hits the memory treshold iirc). We do need sessions for browser requests. We specifically don't want a cookie based store due to security issues with that. Memcache store might be an option, but then it's still making unnecessary tcp/ip calls to find, create and update session objects for API requests which is a waste of resources. Cheers, Jimmy -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
