I am trying to convert my codeand to use the new Rails 2.0 feature RequestForgeryProtection but I get an InvalidAuthenticityToken error, right from the beginning with my login form..
I followed the recommandations :
in my environment.rb config.action_controller.session = { :session_key => 'myappname', :secret => '6de86b5566d7598f57e757960760acd2' }
in my application.rb protect_from_forgery :secret => '6de86b5566d7598f57e757960760acd2'
my sessions_controller.rb doesn't have anything new inside... same
code as used with rails 1.2 (is it right ?)
Does your form include the token ?
Fred
