UserEngine infinite loop... only on production box

Since the Engines seem to be more actively maintained than the generator
I’d been using, I switched over and got everything working on my
development system. When I ran into a problem with changing passwords, I
checked this list and found the thread about applying the before_filter
as a mixin to my user_controller because I don’t apply a filter to my
public controller, and I did the same for the roles controller and
everything seemed to work perfectly.

Then I used Switchtower to transfer my latest build to my production
box. I migrated both engines, did a successful bootstrap, checked to
nsee that the tables were all properly populated, checked to see the
admin user was created with a good email address, and restarted Apache.
My unprotected controllers worked perfectly fine, so it’s not a problem
with the app running.

But the protected controllers? No dice. I delete my sessions in /tmp. I
do an explicit /user/logout. Whatever I do on protected controllers, I
get an endless loop of /user/login, using the “admin/testing” login/pw.

Clicking “forgot password” gets me the same error as the post re:
login_engine of a couple of weeks ago: the error related to the nil user
when trying to display the flash.

Again, on my dev box in dev environment I have no problems. When not
logged in, attempting to access a protected controller propmpts for
login, login works, and life proceeds as normal. Logging out, confirming
I’m logged out by trying to access a protected controller, and then
clicking the change_password link works like it’s supposed to, from the
email to the token-based login to the new-password page.

And unlike some recent posters, I’m not doing crazy things with routes.
Nothing interferes with the /user/ URI namespace.

I have no idea why this is working in dev but not production.

Here’s what I’ve got at the top of each of my protected controllers, as
well as in otherwise empty mixin user and role controllers:

before_filter :authorize_action

I do not have this in application.rb because I have a controller that at
present doesn’t require login.

Thanks.

By the way, my best theory on why this is happening on one box but not
the other is that the dev box went through intermediate steps like
running with login_engine successfully before adding user_engine and
making the prescribed changes. On the dev system because I’d been
running login_engine for a couple of days already so when I brought
things up to user_engine I had several working users already and my
initial user setup didn’t have to rely on user_engine’s
authorize_action.

Steve K. wrote:

Since the Engines seem to be more actively maintained than the generator
I’d been using, I switched over and got everything working on my
development system. When I ran into a problem with changing passwords, I
checked this list and found the thread about applying the before_filter
as a mixin to my user_controller because I don’t apply a filter to my
public controller, and I did the same for the roles controller and
everything seemed to work perfectly.

Then I used Switchtower to transfer my latest build to my production
box. I migrated both engines, did a successful bootstrap, checked to
nsee that the tables were all properly populated, checked to see the
admin user was created with a good email address, and restarted Apache.
My unprotected controllers worked perfectly fine, so it’s not a problem
with the app running.

But the protected controllers? No dice. I delete my sessions in /tmp. I
do an explicit /user/logout. Whatever I do on protected controllers, I
get an endless loop of /user/login, using the “admin/testing” login/pw.

Clicking “forgot password” gets me the same error as the post re:
login_engine of a couple of weeks ago: the error related to the nil user
when trying to display the flash.

Again, on my dev box in dev environment I have no problems. When not
logged in, attempting to access a protected controller propmpts for
login, login works, and life proceeds as normal. Logging out, confirming
I’m logged out by trying to access a protected controller, and then
clicking the change_password link works like it’s supposed to, from the
email to the token-based login to the new-password page.

And unlike some recent posters, I’m not doing crazy things with routes.
Nothing interferes with the /user/ URI namespace.

I have no idea why this is working in dev but not production.

Here’s what I’ve got at the top of each of my protected controllers, as
well as in otherwise empty mixin user and role controllers:

before_filter :authorize_action

I do not have this in application.rb because I have a controller that at
present doesn’t require login.

Thanks.