Help with authentication errors

Hello,

I have been working through two books, “Agile Web D. with
Rails, 2nd Ed.” and “Ajax on Rails”. I’m using Rails2.0. In both cases,
I run into an authentication error when doing the examples. In AWDwR,
when trying to add new information to the database (p. 68) I get

ActionController::InvalidAuthenticityToken in AdminController#create

ActionController::InvalidAuthenticityToken

RAILS_ROOT: C:/ruby/myprojects/ajaxonrails
Application Trace | Framework Trace | Full Trace

c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/request_forgery_protection.rb:79:in
verify_authenticity_token' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/filters.rb:469:insend!’
c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/filters.rb:469:in
call' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/filters.rb:441:inrun’
c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/filters.rb:716:in
run_before_filters' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/filters.rb:695:incall_filters’
c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/filters.rb:689:in
perform_action_without_benchmark' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/benchmarking.rb:68:inperform_action_without_rescue’
c:/ruby/lib/ruby/1.8/benchmark.rb:293:in measure' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/benchmarking.rb:68:inperform_action_without_rescue’
c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/rescue.rb:199:in
perform_action_without_caching' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/caching.rb:678:inperform_action’
c:/ruby/lib/ruby/gems/1.8/gems/activerecord-2.0.2/lib/active_record/connection_adapters/abstract/query_cache.rb:33:in
cache' c:/ruby/lib/ruby/gems/1.8/gems/activerecord-2.0.2/lib/active_record/query_cache.rb:8:incache’
c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/caching.rb:677:in
perform_action' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/base.rb:524:insend’
c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/base.rb:524:in
process_without_filters' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/filters.rb:685:inprocess_without_session_management_support’
c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/session_management.rb:123:in
process' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/base.rb:388:inprocess’
c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/dispatcher.rb:171:in
handle_request' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/dispatcher.rb:115:indispatch’
c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/dispatcher.rb:126:in
dispatch_cgi' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/dispatcher.rb:9:indispatch’
c:/ruby/lib/ruby/gems/1.8/gems/rails-2.0.2/lib/webrick_server.rb:112:in
handle_dispatch' c:/ruby/lib/ruby/gems/1.8/gems/rails-2.0.2/lib/webrick_server.rb:78:inservice’
c:/ruby/lib/ruby/1.8/webrick/httpserver.rb:104:in service' c:/ruby/lib/ruby/1.8/webrick/httpserver.rb:65:inrun’
c:/ruby/lib/ruby/1.8/webrick/server.rb:173:in start_thread' c:/ruby/lib/ruby/1.8/webrick/server.rb:162:instart’
c:/ruby/lib/ruby/1.8/webrick/server.rb:162:in start_thread' c:/ruby/lib/ruby/1.8/webrick/server.rb:95:instart’
c:/ruby/lib/ruby/1.8/webrick/server.rb:92:in each' c:/ruby/lib/ruby/1.8/webrick/server.rb:92:instart’
c:/ruby/lib/ruby/1.8/webrick/server.rb:23:in start' c:/ruby/lib/ruby/1.8/webrick/server.rb:82:instart’
c:/ruby/lib/ruby/gems/1.8/gems/rails-2.0.2/lib/webrick_server.rb:62:in
dispatch' c:/ruby/lib/ruby/gems/1.8/gems/rails-2.0.2/lib/commands/servers/webrick.rb:66 c:/ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:27:ingem_original_require’
c:/ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:27:in
require' c:/ruby/lib/ruby/gems/1.8/gems/activesupport-2.0.2/lib/active_support/dependencies.rb:496:inrequire’
c:/ruby/lib/ruby/gems/1.8/gems/activesupport-2.0.2/lib/active_support/dependencies.rb:342:in
new_constants_in' c:/ruby/lib/ruby/gems/1.8/gems/activesupport-2.0.2/lib/active_support/dependencies.rb:496:inrequire’
c:/ruby/lib/ruby/gems/1.8/gems/rails-2.0.2/lib/commands/server.rb:39
c:/ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:27:in
gem_original_require' c:/ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:27:inrequire’
script/server:3

c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/request_forgery_protection.rb:79:in
verify_authenticity_token' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/filters.rb:469:insend!’
c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/filters.rb:469:in
call' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/filters.rb:441:inrun’
c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/filters.rb:716:in
run_before_filters' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/filters.rb:695:incall_filters’
c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/filters.rb:689:in
perform_action_without_benchmark' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/benchmarking.rb:68:inperform_action_without_rescue’
c:/ruby/lib/ruby/1.8/benchmark.rb:293:in measure' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/benchmarking.rb:68:inperform_action_without_rescue’
c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/rescue.rb:199:in
perform_action_without_caching' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/caching.rb:678:inperform_action’
c:/ruby/lib/ruby/gems/1.8/gems/activerecord-2.0.2/lib/active_record/connection_adapters/abstract/query_cache.rb:33:in
cache' c:/ruby/lib/ruby/gems/1.8/gems/activerecord-2.0.2/lib/active_record/query_cache.rb:8:incache’
c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/caching.rb:677:in
perform_action' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/base.rb:524:insend’
c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/base.rb:524:in
process_without_filters' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/filters.rb:685:inprocess_without_session_management_support’
c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/session_management.rb:123:in
process' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/base.rb:388:inprocess’
c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/dispatcher.rb:171:in
handle_request' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/dispatcher.rb:115:indispatch’
c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/dispatcher.rb:126:in
dispatch_cgi' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/dispatcher.rb:9:indispatch’
c:/ruby/lib/ruby/gems/1.8/gems/rails-2.0.2/lib/webrick_server.rb:112:in
handle_dispatch' c:/ruby/lib/ruby/gems/1.8/gems/rails-2.0.2/lib/webrick_server.rb:78:inservice’
c:/ruby/lib/ruby/1.8/webrick/httpserver.rb:104:in service' c:/ruby/lib/ruby/1.8/webrick/httpserver.rb:65:inrun’
c:/ruby/lib/ruby/1.8/webrick/server.rb:173:in start_thread' c:/ruby/lib/ruby/1.8/webrick/server.rb:162:instart’
c:/ruby/lib/ruby/1.8/webrick/server.rb:162:in start_thread' c:/ruby/lib/ruby/1.8/webrick/server.rb:95:instart’
c:/ruby/lib/ruby/1.8/webrick/server.rb:92:in each' c:/ruby/lib/ruby/1.8/webrick/server.rb:92:instart’
c:/ruby/lib/ruby/1.8/webrick/server.rb:23:in start' c:/ruby/lib/ruby/1.8/webrick/server.rb:82:instart’
c:/ruby/lib/ruby/gems/1.8/gems/rails-2.0.2/lib/webrick_server.rb:62:in
dispatch' c:/ruby/lib/ruby/gems/1.8/gems/rails-2.0.2/lib/commands/servers/webrick.rb:66 c:/ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:27:ingem_original_require’
c:/ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:27:in
require' c:/ruby/lib/ruby/gems/1.8/gems/activesupport-2.0.2/lib/active_support/dependencies.rb:496:inrequire’
c:/ruby/lib/ruby/gems/1.8/gems/activesupport-2.0.2/lib/active_support/dependencies.rb:342:in
new_constants_in' c:/ruby/lib/ruby/gems/1.8/gems/activesupport-2.0.2/lib/active_support/dependencies.rb:496:inrequire’
c:/ruby/lib/ruby/gems/1.8/gems/rails-2.0.2/lib/commands/server.rb:39
c:/ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:27:in
gem_original_require' c:/ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:27:inrequire’
script/server:3

Request

Parameters:

{“commit”=>“Create”,
“product”=>{“image_url”=>“blah”,
“title”=>“blah”,
“description”=>“blah”}}

Show session dump


flash: !map:ActionController::Flash::FlashHash {}

Response

Headers:

{“cookie”=>[],
“Cache-Control”=>“no-cache”}

I tried uncommenting :secret on the protect_from_forgery line in
application.rb, but that didn’t work.

My second authentication error is when I put the code in to use
prototype.js using the example in AoR on p. 24.

The html that gets generated for display looks like:

Action Controller: Exception caught body { background-color: #fff; color: #333; } body, p, ol, ul, td { font-family: verdana, arial, helvetica, sans-serif; font-size: 13px; line-height: 18px; } pre { background-color: #eee; padding: 10px; font-size: 11px; } a { color: #000; } a:visited { color: #666; } a:hover { color: #fff; background-color:#000; }

ActionController::InvalidAuthenticityToken

in Chapter2Controller#myresponse
ActionController::InvalidAuthenticityToken

RAILS_ROOT: C:/ruby/myprojects/ajaxonrails

<a href="#"

onclick="document.getElementById(‘Framework-Trace’).style.display=‘none’;document.getElementById

(‘Full-Trace’).style.display=‘none’;document.getElementById(‘Application-Trace’).style.display=‘block’

;; return false;">Application Trace |

<a href="#"

onclick="document.getElementById(‘Application-Trace’).style.display=‘none’;document.getElementById

(‘Full-Trace’).style.display=‘none’;document.getElementById(‘Framework-Trace’).style.display=‘block’

;; return false;">Framework Trace |

<a href="#"

onclick="document.getElementById(‘Application-Trace’).style.display=‘none’;document.getElementById

(‘Framework-Trace’).style.display=‘none’;document.getElementById(‘Full-Trace’).style.display=‘block’

;; return false;">Full Trace

So, I’m lost. Any ideas???

Thanks,

Amy

Amy,

Not exactly sure what your problem could be but AWDwR 2ed was written
for Rails 1.2. I would first try installing the rails 1.2.6 gem and
setting your RAILS_GEM_VERSION (in environment.rb) to 1.2.6.

On Mar 27, 8:40 am, Amy J. removed_ema[email protected]

forgery protection was added in Rails 2.x. You can make it simpler to
track with the texts by turning it off. Update or add the following
line in /config/environments/xxx.rb:

Disable request forgery protection

config.action_controller.allow_forgery_protection = false

More here:
http://www.railsbrain.com/api/rails-2.0.2/doc/index.html?a=M000305&name=protect_from_forgery

On Mar 27, 10:40 am, Amy J. [email protected]

AndyV wrote:

forgery protection was added in Rails 2.x. You can make it simpler to
track with the texts by turning it off. Update or add the following
line in /config/environments/xxx.rb:

Disable request forgery protection

config.action_controller.allow_forgery_protection = false

More here:
http://www.railsbrain.com/api/rails-2.0.2/doc/index.html?a=M000305&name=protect_from_forgery

On Mar 27, 10:40 am, Amy J. [email protected]

Thanks Andy, that took care of it without my having to revert to an
earlier version. Now I can work through the books and figure out what
I’m doing.

Take care,

amy

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs