On Mon, Feb 23, 2009 at 1:04 PM, kiko <[email protected]> wrote: > > So I made the changes to use the http authentication essentially > http://admin:ad...@localhost:3000 and I'm getting a different > authenticity error. The first request is a ping to make sure the > server is up and as you can see the server successfully authenticates > the admin user and returns a 200, but then when I post the request to > start the init process I get InvalidAuthenticityToken with a http > status code of 422. I haven't made any changes to the default data > that is created when installing ruote-web2. Thanks again for any > tips. > > Server error: > > > Processing ProcessesController#index (for 127.0.0.1 at 2009-02-22 > 20:03:53) [GET] > User Load (1.1ms) SELECT * FROM "users" WHERE ("users"."login" = > E'admin') LIMIT 1 > Completed in 129ms (View: 20, DB: 1) | 200 OK [http://localhost/ > processes] > SQL (0.4ms) SET client_min_messages TO 'panic' > SQL (0.3ms) SET client_min_messages TO 'notice' > > > Processing ProcessesController#create (for 127.0.0.1 at 2009-02-22 > 20:03:55) [POST] > Parameters: {"pdef"=>"", "fields"=>"{\"svn\":true}", > "pdef_url"=>"public/defs/phases/init_phase.rb"} > > ActionController::InvalidAuthenticityToken > (ActionController::InvalidAuthenticityToken): > /var/lib/gems/1.8/gems/actionpack-2.3.0/lib/action_controller/ > request_forgery_protection.rb:79:in `verify_authenticity_token'
ruote-web2 is not happy with a content-type set to "form-cli", it's verifying the authenticity_token because it thinks it's a regular HTML form. It'd be better to pass a launchitem formatted as XML or JSON in the body of your post (and set the content type to application/xml or application/json). You can take inspiration for those launch operations at : http://bit.ly/qO1ag but unfortunately those examples only show how to embed a process definition in the post body. This might then help : ---8<--- li = OpenWFE::LaunchItem.new(definition_url) li.attributes = { 'field0' => 'value0' } # ... xml = OpenWFE::Xml::launchitem_to_xml(li, :indent => 2) # ... require 'json' json = li.to_h.to_json --->8--- ruote-rest is a bit more relaxed than ruote-web2 when it comes to user input. Whenever you see this verify_authenticity_token thing, it means Rails thinks it is a regular HTML form. Best regards, -- John Mettraux - http://jmettraux.wordpress.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruote (OpenWFEru) users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/openwferu-users?hl=en -~----------~----~----~----~------~----~------~--~---
