some question about before filter in rails 2.02

Hi guys,
  Following is a simple before filter under rails 2.02

  users_controller.rb

class UsersController < ApplicationController

  skip_before_filter :authorize, :only => [:login]

  ## CRUD actions #####

  def login
    if request.post?
      session[:user] = nil
      u = User.find_by_email params[:user][:email]
      unless u && u.password_equal?(params[:user][:password])
        session[:user] = u
        uri = session[:original_uri]
        session[:original_uri] = nil
        redirect_to(uri || {:action => :index})
      else
        flash[:notice] = "the user name and email doesn't match!"
      end
    end
  end

end

application_controller.rb

class ApplicationController < ActionController::Base
  helper :all # include all helpers, all the time

  # See ActionController::RequestForgeryProtection for details
  # Uncomment the :secret if you're not using the cookie session store
  protect_from_forgery # :secret => '4477fc7de98463482e367d7b0d4279eb'

  before_filter :authorize

  protected

  def authorize
    p "step to authorize"
    unless session[:user]
      flash[:notice] = "please login first..."
      session[:original_uri] = request.request_uri
      redirect_to(:controller => "users", :action => "login")
    end
  end
end

when I get the url http://localhost:3000/users, it always do loop in
"authorize"
action and "step to authorize" appears several times and I got the error

"Redirect Loop
  Firefox has detected that the server is redirecting the request for
this address in a way that will never complete.
The browser has stopped trying to retrieve the requested item. The site
is redirecting the request in a way that will never complete.
    * Have you disabled or blocked cookies required by this site?
    * NOTE: If accepting the site's cookies does not resolve the
problem, it is likely a server configuration issue and not your
computer."

  what's up? It seems it should work well, can anybody point this
problem?
  I am under ubuntu 8.04 LTS, thanks.