similar to: Rails Environment Config

Hey All, I''m trying to do a simple form_for (and I also get it with form_tag) and I''m getting the following error: ActionView::TemplateError (No :secret given to the #protect_from_forgery call. Set that or use a session store capable of generating its own keys (Cookie Session Store).) on line #2 of users/new.fbml.erb: 1: <h1>Welcome To Courses, Let''s Get

I''m having a problem switching from cookie sessions (the default) to active record sessions. I''ve created the sessions table via the rake task, uncommented the line config.action_controller.session_store = :active_record_store in my environment.rb file, cleared out my browsers cookies, restarted the server (natch), but still the it''s using cookie_store instead of

I try to use db-session with protect_from_forgery. But I always get a error msg: ActionController::InvalidAuthenticityToken. application_controller.rb protect_from_forgery #:secret => ''top_secret'' session_store.rb ActionController::Base.session_store = :active_record_store hope you can help me. Best regards -- Posted via http://www.ruby-forum.com/.

After switching to active_record_store to host sessions, I now get the following errors: ActionController::InvalidAuthenticityToken in Pages#edit Showing app/views/pages/edit.html.erb where line #5 raised: No :secret given to the #protect_from_forgery call. Set that or use a session store capable of generating its own keys (Cookie Session Store). Extracted source (around line #5): 2: 3:

All, I''ve upgraded to 2.0.2, and I can''t get my login screen (the first POST request in the application) to work. When I post this form, I see the "InvalidAuthenticityToken" error. I have protect_from_forgery :secret => ''my_secret'' set in application.rb and I am using an active_record session store based on this line in environment.rb:

What I want to do is share the same session across many Rails applications. All of them are using Rails 2.2.2. I know that, to share the session, it''s (supposedly) just a matter of sharing the same key and secret among the apps, like this: config.action_controller.session = { :session_key => ''_apps_session'', :secret =>

Hi All, I am new to Rails and learning rails reading ebook ''Agile web development using rails''. I am doing samples given in this book chapter by chapter. but I stuck when I come to Sessions chapter, they have given that to enable session to be Database based the line config.action_controller.session_store = :active_record_store is to be uncommented from config/environment.rb

The Agile book seems to say I should specify this as follows, probably in the environments.rb: ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS[:database_manager] = CGI::Session::ActiveRecordStore BUT the environments.rb file would have me Un-Comment this: config.action_controller.session_store = :active_record_store Anyway, I''ve tried both, and in both cases it

I have created ActiveRecord session store in a rails 3 project: > rake db:sessions:create > rake db:migrate then Myapp::Application.config.session_store :active_record_store, :key => ''_myapp_session'' in initializers/session_store.rb and it all works. Now the question: how do I list ALL active sessions? -- You received this message because you are subscribed to the

I''m setting up a Paypal IPN listener and need the create action to not use rails'' default CSRF protection. I''ve got that working fine & test it actually works with cucumber (where I''ve turned CSRF back on, since it''s full-stack testing) but would like my controller spec to mention the need for protect_from_forgery :except => [:create] (and fail

Hi, There doesn''t seem to be any previous posts about this problem, I must be setting things up wrongly at very basics... Firstly, the problem... I can''t get session[] to persist with active_record_store. I enabled (config.action_controller.session_store = :active_record_store) in environment.rb and created the sessions table at my MySQL database. When I do a session[:blah] =

Hello, Running Ruby 1.8.6 and Rails 2.2.2 against an Oracle XE database (sigh). I just upgraded Rails from 1.2.3 to 2.2.2, which made my cookie based system for storing session information to error out due to the 4Kb limit. So, I tried to turn on the active_record_store system by un- commenting out the "config.action_controller.session_store = :active_record_store" line in

Hi, I am trying to store the session in db and i followed these steps a.) rake db:session:create b.) db migrate --> this created the table. I see the table in the db now. c.) Uncommented the ActionController::Base.session_store = :active_record_store line in session_store.rb file in initializers. I get no records in the db and also - if i do debug session --- i see no id. ANy ideas what i

Hi, I just switched from storing my sessions on disk to storing them in MySQL. Changing environment.rb ''config.action_controller.session_store = :active_record_store''. But now all my tests fail. I get the following error: 1) Failure: test_authorized_new(AdControllerTest) [c:/ruby/lib/ruby/gems/1.8/gems/actionpack-1.11.2/lib/action_controller/depr

i start the server but it exits right away, I ran the rake to update and changed the version string in config.rb. Any thoughts on this matter would be appreciated. i imagine that it has something to do with the session, but i am not able to figure it out. my config/config.rb has the following config.action_controller.session = { :session_key => ''c3_rails_session'',

problem: rails 2.3.2 is not generating config.action_controller.session_store = :active_record_store in environment.rb this is the code in environment.rb --------------------------------------------------------------------------- # Be sure to restart your server when you modify this file # Specifies gem version of Rails to use when vendor/rails is not present RAILS_GEM_VERSION =

I am trying to convert my codeand to use the new Rails 2.0 feature RequestForgeryProtection but I get an InvalidAuthenticityToken error, right from the beginning with my login form.. I followed the recommandations : in my environment.rb config.action_controller.session = { :session_key => ''myappname'', :secret =>

I added login to my app and storing the sessions in the db. I un-commented the "config.action_controller.session_store = :active_record_store" line in the environment.rb file, and the :secret in the application.rb file. Now, when I try to login I get the error InvalidAuthenticityToken. Here''s my login form: <% form_for :user, :url => { :action =>

I''ve almost entirely converted a rails 2.3.5 app to 3pre. I''m having some trouble with protect_from_forgery. I had protect_from_forgery set in application_controller.rb, but run some uploadify ajax stuff in one of my controllers, where I had protect_from_forgery, :except => :add_file set. In rails 3 I''m getting ActionController::InvalidAuthenticityToken on the ajax

Hi Today I got an alert mail from my watcher script, telling me that there was no Mongrel running, and that it started one (so the site was down for a few seconds.) This is the first time I got this error (AFAICS), but I''d like to resolve and prevent it for the future. From mongrel.log: ** Starting Mongrel listening at 0.0.0.0:foo ** Starting Rails with production environment... **