Rails - Sep 2010 - Rails 2.3.8 - InvalidAuthenticityToken problem. URGENT!

I used to have Simple Captcha installed, but since I removed it I got
all kinds of problems with login.

Processing UsersController#login (for 188.177.122.179 at 2010-09-19
12:21:09) [POST]
  Parameters: {"commit"=>"OK",
"authenticity_token"=>"/
Y0aZETCsMhyI3CkrZJK6O2NaLEoi+LRe8ZuDPWU9kc=",
"user"=>{"remember_me"=>"0",
"password"=>"xxxxx",
"screen_name"=>"rune"}}

ActionController::InvalidAuthenticityToken
(ActionController::InvalidAuthenticityToken):
  /home/heroku_rack/lib/static_assets.rb:9:in `call''
  /home/heroku_rack/lib/last_access.rb:15:in `call''
  /home/heroku_rack/lib/date_header.rb:14:in `call''
  thin (1.2.6) lib/thin/connection.rb:76:in `pre_process''
  thin (1.2.6) lib/thin/connection.rb:74:in `catch''
  thin (1.2.6) lib/thin/connection.rb:74:in `pre_process''
  thin (1.2.6) lib/thin/connection.rb:57:in `process''
  thin (1.2.6) lib/thin/connection.rb:42:in `receive_data''
  eventmachine (0.12.10) lib/eventmachine.rb:256:in `run_machine''
  eventmachine (0.12.10) lib/eventmachine.rb:256:in `run''
  thin (1.2.6) lib/thin/backends/base.rb:57:in `start''
  thin (1.2.6) lib/thin/server.rb:156:in `start''
  thin (1.2.6) lib/thin/controllers/controller.rb:80:in `start''
  thin (1.2.6) lib/thin/runner.rb:177:in `send''
  thin (1.2.6) lib/thin/runner.rb:177:in `run_command''
  thin (1.2.6) lib/thin/runner.rb:143:in `run!''
  thin (1.2.6) bin/thin:6
  /usr/ruby1.8.7/bin/thin:19:in `load''
  /usr/ruby1.8.7/bin/thin:19

--

# session_store.rb

ActionController::Base.session = {
  :key         => ''_neurodag_session'',
  :secret      =>
''9141fa2aa733a6f5307913680b13c2028f9cdd827f2daa898c4ad4bdf4da63dc7c17788c5028ad6eadaf8c81d0682dbd83d1bd05824d52a12fdc7500e37a6b47''
}

# application_controller.rb
class ApplicationController < ActionController::Base
    include ApplicationHelper
    # include SimpleCaptcha::ControllerValidation
    include ExceptionNotifiable

    helper :all # include all helpers, all the time
    protect_from_forgery # :secret  => ''sdasfagagsa'' # See
ActionController::RequestForgeryProtection for details

What is the correct configuration for forgery protection to work
without screwing up the login process!?

Thanks!

Rune

-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.

On Sep 19, 3:26 pm, Rune
<rune2ea...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:
> Processing UsersController#login (for 188.177.122.179 at 2010-09-19
> 12:21:09) [POST]
>   Parameters: {"commit"=>"OK",
"authenticity_token"=>"/
> Y0aZETCsMhyI3CkrZJK6O2NaLEoi+LRe8ZuDPWU9kc=",
> "user"=>{"remember_me"=>"0",
"password"=>"xxxxx",
> "screen_name"=>"rune"}}
>
> ActionController::InvalidAuthenticityToken
I''ve gotten errors like this when I have cookies disabled.  Could be
that or some other cookie/session problem (bad/missing cookie?  stale
browser session?  some kind of caching?)

-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.

Same thing to me.These dam computer suck dont they.

On Sep 20, 12:55 pm, chris
<cher...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:
> On Sep 19, 3:26 pm, Rune
<rune2ea...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>
> > Processing UsersController#login (for 188.177.122.179 at 2010-09-19
> > 12:21:09) [POST]
> >   Parameters: {"commit"=>"OK",
"authenticity_token"=>"/
> > Y0aZETCsMhyI3CkrZJK6O2NaLEoi+LRe8ZuDPWU9kc=",
> > "user"=>{"remember_me"=>"0",
"password"=>"xxxxx",
> > "screen_name"=>"rune"}}
>
> > ActionController::InvalidAuthenticityToken
>
> I''ve gotten errors like this when I have cookies disabled.  Could
be
> that or some other cookie/session problem (bad/missing cookie?  stale
> browser session?  some kind of caching?)
-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.

I get this error regularly after having updated my app to Rails
2.3.9!

Especially after not having logged out properly but having shut down
my server instance.



On Sep 20, 10:41 pm, wb5aty
<wb5...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:
> Same thing to me.These dam computer suck dont they.
>
> On Sep 20, 12:55 pm, chris
<cher...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>
> > On Sep 19, 3:26 pm, Rune
<rune2ea...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>
> > > Processing UsersController#login (for 188.177.122.179 at
2010-09-19
> > > 12:21:09) [POST]
> > >   Parameters: {"commit"=>"OK",
"authenticity_token"=>"/
> > > Y0aZETCsMhyI3CkrZJK6O2NaLEoi+LRe8ZuDPWU9kc=",
> > > "user"=>{"remember_me"=>"0",
"password"=>"xxxxx",
> > > "screen_name"=>"rune"}}
>
> > > ActionController::InvalidAuthenticityToken
>
> > I''ve gotten errors like this when I have cookies disabled.
 Could be
> > that or some other cookie/session problem (bad/missing cookie?  stale
> > browser session?  some kind of caching?)
-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.

If you face this issue since Rails 2.3.9, make sure to check this
ticket. Patch included while waiting new release.

https://rails.lighthouseapp.com/projects/8994/tickets/5581-session-cookie-not-sent-with-activerecord-or-memcache-store-in-rails-239

Hope this helps,
--
  Sébastien Grosjean - ZenCocoon

On Sep 21, 10:54 am, javinto
<jan.javi...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:
> I get this error regularly after having updated my app to Rails
> 2.3.9!
>
> Especially after not having logged out properly but having shut down
> my server instance.
>
> On Sep 20, 10:41 pm, wb5aty
<wb5...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>
> > Same thing to me.These dam computer suck dont they.
>
> > On Sep 20, 12:55 pm, chris
<cher...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>
> > > On Sep 19, 3:26 pm, Rune
<rune2ea...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>
> > > > Processing UsersController#login (for 188.177.122.179 at
2010-09-19
> > > > 12:21:09) [POST]
> > > >   Parameters: {"commit"=>"OK",
"authenticity_token"=>"/
> > > > Y0aZETCsMhyI3CkrZJK6O2NaLEoi+LRe8ZuDPWU9kc=",
> > > >
"user"=>{"remember_me"=>"0",
"password"=>"xxxxx",
> > > > "screen_name"=>"rune"}}
>
> > > > ActionController::InvalidAuthenticityToken
>
> > > I''ve gotten errors like this when I have cookies
disabled.  Could be
> > > that or some other cookie/session problem (bad/missing cookie?
 stale
> > > browser session?  some kind of caching?)
-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.