REST web service POST 401 Unauthorized error

I am trying to set up REST web service w Rails 2.0.2,

I don't have any problem with the GET

url = "http://#{WWW_HOST}/posts/online.xml"
result = Net::HTTP.get(URI(url))
I get the expected result

but when I try to use a POST,
url = URI.parse("http://#{WWW_HOST}//user/posts/createReference.xml")
.. post_args1,...post_args2....
resp, data = Net::HTTP.post_form(url, {post_args1, post_args2} )

I get a 401 Unauthorized error
(ERROR TYPE: ActionController::InvalidAuthenticityToken)

In my server PostsController, I have a filter , but I wrote :
class PostsController < ApplicationController
before_filter :login_required, :except =>
[ :online, :createReference]
so the login is not required for both actions online and
createReference

in my routes I have :
map.resources :posts, :collection => {:online => :get}
and
  map.resource :user, :controller => "users" do |user|
    user.resources :posts, :collection => {:createReference => :post }
end

I know that AuthenticityToken is quite new with 2.0 and forms
I am using

class ApplicationController < ActionController::Base
  include AuthenticationSystem,
    protect_from_forgery

where should I start to investigate ?

thanks for your help