REST web service POST 401 Unauthorized error

I am trying to set up REST web service w Rails 2.0.2,

I don't have any problem with the GET

url = "http://#{WWW_HOST}/posts/online.xml" result = Net::HTTP.get(URI(url)) I get the expected result

but when I try to use a POST, url = URI.parse("http://#{WWW_HOST}//user/posts/createReference.xml") .. post_args1,...post_args2.... resp, data = Net::HTTP.post_form(url, {post_args1, post_args2} )

I get a 401 Unauthorized error (ERROR TYPE: ActionController::InvalidAuthenticityToken)

In my server PostsController, I have a filter , but I wrote : class PostsController < ApplicationController before_filter :login_required, :except => [ :online, :createReference] so the login is not required for both actions online and createReference

in my routes I have : map.resources :posts, :collection => {:online => :get} and   map.resource :user, :controller => "users" do |user|     user.resources :posts, :collection => {:createReference => :post } end

I know that AuthenticityToken is quite new with 2.0 and forms I am using

class ApplicationController < ActionController::Base   include AuthenticationSystem,     protect_from_forgery

where should I start to investigate ?

thanks for your help