similar to: session_options/session

The Agile book seems to say I should specify this as follows, probably in the environments.rb: ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS[:database_manager] = CGI::Session::ActiveRecordStore BUT the environments.rb file would have me Un-Comment this: config.action_controller.session_store = :active_record_store Anyway, I''ve tried both, and in both cases it

I''m working on an ecommerce site (in Rails 2.3) and I added: ActionController::Base.session_options[:secure] = true to ~/config/environments/production.rb Now, every time I add something to my shopping cart and navigate away I get a new session_id (which essentially empties my shopping cart). How can I get the continuity of my sessions back, while still having the session_id get set

Hi, I am using ActiveRecordStore for my sessions. I have another model called PageView that stores a record each time a page is viewed (page_id, session_id). In order to implement this, however, I need to be able to access the session''s primary ''id'' value, the integer, not the long encoded ''session_key''. My problem is that I can''t access

I''m having a problem switching from cookie sessions (the default) to active record sessions. I''ve created the sessions table via the rake task, uncommented the line config.action_controller.session_store = :active_record_store in my environment.rb file, cleared out my browsers cookies, restarted the server (natch), but still the it''s using cookie_store instead of

I have a simple Rails app that I am close to deploying on our intranet. The security model is "either you are an admin or your are not," with the method of implementing this model being done by the login_generator 1.1.0. There is one account set up, ''admin'', with three of us having the ability to logon with this username (i.e. we know the password). I am looking to

The agile book says "You can inspect variables, set values, add other breakpoints, and generally have a good time". This is very sweet and totally useless. For example, I want to see the session variable, the cookies variable and so on. These names are unknown. I think I guess that the things that are available depend on where you put the breakpoint() call. I''ve tried a

I am using the restful authentication plugin and am always prompted to login if a different subdomain is accessed. I have found a couple rails "solutions", but none of them seem to work: # development.rb 1. ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS[:session_key] = ".localhost" 2. ActionController::Base.session_options[:key] = ".localhost" Does anyone

I''m trying to set the cookie expiration in my environment.rb file but I keep getting a syntax error on WeBRICK startup. I''m trying both of the ways listed in http://wiki.rubyonrails.org/rails/pages/HowtoChangeSessionOptions. FYI I''m new to rails so this is probably easy. 1) ActionController::Base.session_options[:session_expires] = Time.local(2008,"jan"))

hello, I am trying to implement a "remember be" box for logins, however I cant seem to get it to work. I have tried the following 2 methods but neither seem to work. When i check the expiry time in firefox it always says "end of session". What is the proper way to handle this so the session cookie "_session_id" doesnt expire for a year? I tried

We''re going to have problems keeping cookies across domains. We want people to shop in one domain (e.g. "booksareus.com") and then checkout on the same server securely under a different domain (e.g. "greatbooks.com"). When we make the jump to the secure domain (the checkout link) can we submit the user''s session ID along with it and have it

from the Agile Book, i see i can set the absolute session expiry time via: ActionController::CGIRequest::DEFAULT_SESSION_OPTIONS[:session_expires] however, I don''t see anything about what the actual default setting is when a session is created. also, is there a way to set the expiration to happen when the browser is closed? in PHP, this can be accomplished using

when setting it in my environment.rb config.action_controller.session = { :session_key => ''_myapp_session'', :secret => ''3a64394bb895f1f05e0c07f71127d93d'' } I cannot get it back in the script/console .. :session_key=>"_session_id" !!! why ? >> ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS =>

Reviews Wanted. I''ve read the tables of contents and haven''t yet made up my mind. Is one book clearly better than the other? Is one clearly full of bugs? Is one so much further ahead that there is no choice? Are they both so incomplete that I should just wait and only cook real food? Do trains still have dining cars? Warren Fred -------------- next part -------------- An

I''m implementing simple "remember me" functionality for logging in users with Rails 2.3.4. I''m trying to set the session expiration date for some time in the future. After googling around a bit I found this post which seems to address my problem: http://squarewheel.pl/posts/3 My modifications to request.session_options are being ignored. According to this discussion (

I''m getting ready to put an app into production and I''ve found a strange issue that, as far as I know, shouldn''t be happening. To me this looks like it could be a bug, but I''m not sure and I''m hoping some one here can tell me if they''ve seen this before, or can idiot- check me in that hopefully it''s just something I''ve missed

Recently, I got this security vulnerability on my app: Ruby on Rails Multiple Method Session Fixation Synopsis : The remote web server is affected by a session fixation vulnerability. Description : The web server on the remote host appears to be a version of Ruby on Rails that supports URL-based sessions. An unauthenticated remote attacker may be able to

I am having problem retrieving the value for variable request.session_options[:id] from my controller. Though the same returns a proper value when accessed through a view. I am not able to understand why it is happening. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to

I''m having an issue with ARsessions... I have a rails app AND a merb app both under the same domain... I have redirects working for this to be seamless... however, the session started on merb is different than the session started in the rails app... like so.. http://pastie.caboo.se/private/r1ar42qiaekrqjdt6y Any ideas why? The only difference I see, but dunno where to change this, is

What wysiwyg html/CSS editors do people recommend. I''m mainly interested in FOSS programs that I can run on WinXP. Sometimes you just have to create some mostly-static pages and make them look nice. I see that Guy Kawasaki is using Nvu, which is based on Mozilla composer. Any of you guys have any experience with that? Warren Fred -------------- next part -------------- An HTML

What I want to do is share the same session across many Rails applications. All of them are using Rails 2.2.2. I know that, to share the session, it''s (supposedly) just a matter of sharing the same key and secret among the apps, like this: config.action_controller.session = { :session_key => ''_apps_session'', :secret =>