There was a problem with reset_session in production mode from rails 2.3.1. Reported as resolved with discussion as recent as 3Nov.
On Nov 15, 9:56 pm, Eric <ericgh...@gmail.com> wrote: > Just out of curiosity, by "certain developers" are you referring only > to developers that you work with? Is "some manager," your manager? > Because if that's the case, they should be able (and I'd say have a > duty) to explain. Do you have any examples otherwise? > > For what its worth, your question is the top Google search result from > a query about fixing authlogic session problems with a VPS. > > -eric > > On Nov 10, 7:25 pm, Katherine <bridgeuto...@gmail.com> wrote: > > > Greetings. I need to know an expert's opinion on Authlogic and Restful > > Authentication as to security. > > I have used both and I personally like Authlogic precisely because it > > is more flexible. > > > As to security I am not aware of any risk as long as the authlogic > > examples are followed. However I need to know why certain developers > > feel that using Authlogic imposes security risks. > > > It's like some manager tells you "your application is not secure > > because you are using authlogic" without clearly explaining why. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk@googlegroups.com To unsubscribe from this group, send email to rubyonrails-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---