I simply transformed during my local development laptop from WEBrick to Apache2/Passenger. Now I acquired

ActionController::InvalidAuthenticityToken in SessionsController#create

I am using Ruby 1.9.2 Rails 2.3.8 ubuntu 10.04

I attempted both

protect_from_forgery, :only => [:update, :delete, :create]


skip_before_filter :verify_authenticity_token

during my applicaiton_controller.rb

They did not appear to assist. (BTW, must i have restarted Passenger in some way after modifying applicaiton_controller.rb?)

Any help could be appreciated.

If you are while using default Passenger setup, it runs the application within the production atmosphere - this results in class caching is switched on. You will need to restart your Passenger worker whenever you make config or code changes such as the ones you referred to via:

touch tmp/restart.txt

Furthermore, you are able to switch your Passenger configuration to operate in Development atmosphere through the following Passenger config:

RailsEnv development