Defect #8655

After an ajax process, login info is missing.

Added by Tiffany C over 10 years ago. Updated over 10 years ago.

Status:ClosedStart date:2011-06-21
Priority:NormalDue date:
Assignee:-% Done:


Target version:-
Resolution:Invalid Affected version:1.2.0


Hi all,

After I upgraded from Redmine 1.1.0 to 1.2.0, one of my plugin functions using Ajax doesn't work. It seems like missing session info after calling Ajax and transits to the login screen after clicking some button. I don't know why it became AnonymousUser.

A little similar to #7843?

The log on the WEBRick is below.

  Setting Load (0.1ms)   SELECT * FROM `settings` WHERE (`settings`.`name` = 'login_required') LIMIT 1
Redirected to http://localhost:3000/login?back_url=http%3A%2F%2F10.23.1.48%3A3000%2Fprojects%2Fxyz%2Fwork_time%2Fshow

Filter chain halted as [:check_if_login_required] rendered_or_redirected.
Completed in 21ms (DB: 4) | 302 Found [http://localhost:3000/projects/xyz/work_time/show]
  SQL (0.1ms)   SET NAMES 'utf8'
  SQL (0.1ms)   SET SQL_AUTO_IS_NULL=0

Processing AccountController#login (for at 2011-06-21 10:50:43) [GET]
  Parameters: {"back_url"=>"http://localhost:3000/projects/xyz/work_time/show", "action"=>"login", "controller"=>"account"}
  Setting Columns (1.6ms)   SHOW FIELDS FROM `settings`
  SQL (0.2ms)   SELECT max(`settings`.updated_on) AS max_updated_on FROM `settings` 
  Setting Load (0.1ms)   SELECT * FROM `settings` WHERE (`settings`.`name` = 'rest_api_enabled') LIMIT 1
  AnonymousUser Columns (1.7ms)   SHOW FIELDS FROM `users`
  AnonymousUser Load (0.1ms)   SELECT * FROM `users` WHERE ( (`users`.`type` = 'AnonymousUser' ) ) LIMIT 1
Rendering template within layouts/base
Rendering account/login

If I add the following code to my controller, it works fine, but I don't know if it is the right way to solve this problem.

skip_before_filter :verify_authenticity_token

My Ajax code is something like this.

  new Ajax.Request(ajax_url, 
                        $('memo_area').value = request.responseText

Here is my environment:
  • rails (2.3.11, 2.3.5, 2.2.2)
  • rack (1.1.2, 1.0.1)

I would appreciate if anyone can tell me how to solve this problem.



#1 Updated by Etienne Massip over 10 years ago

  • Status changed from New to Closed
  • Resolution set to Invalid

Closed as this is not a Redmine issue, please post in forum.

This must be linked to r5134 application.js change, dunno what your plugin looks like but maybe it does not trigger the global events and thus, not send CSRF token.

Why not use remote_* RoR functions ??

#2 Updated by Tiffany C over 10 years ago

After I changed to remote_function, it worked.

Also available in: Atom PDF