Skip to content


Subversion checkout URL

You can clone with
Download ZIP


HTTP Auth can't be disabled. #267

Savar opened this Issue · 2 comments

3 participants


May it is a passenger problem but this does not work:

class UserSession < Authlogic::Session::Base
  allow_http_basic_auth false

there is this call:

persist :persist_by_http_auth, :if => :persist_by_http_auth?

but the :if check seems to be triggered only once and so when inheriting from Authlogic::Session::Base the "persist" call was already triggered so that the "allow_http_basic_auth false" doesn't do anything.



We had a password protected staging site, and the http_basic_auth being allowed by default caused us so much grief with user login. It took us two full days to find the cause. And now there is no simple way to disable it. It seems authlogic is complicating such a simple functionality as login/join so much.

@ssinghi ssinghi referenced this issue from a commit in kreetitech/authlogic
@ssinghi ssinghi fix authlogic issue #267 5b243c5

Same problem as @kreetitech described. +1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.