Security Problem

If anyone has advice that'd be great.

In my app i have a show action in my video controller. I do not have
any kind of caching setup at the moment that i know of. I have 2 other
controllers that pretty much do the same thing and they are fine. my
problem is when i click the link to go to the video_path(video) <-
this is because i am using permalinks as shown in railscasts. the show

1. logs me in, and
2. its displaying an older view? i have looked at my source in github
and it is the most recent code. its like its being cached but i have
cleared out all my cache, i have deleted all my cookies, I was using
authlogic and i made the change to use the active record store. If i
remove the permalink and just use the id, i get the page like it is
supposed to be. Only when i use the permalink does it use this older
view and log me in.

if anyone has experienced this please at a loss