I'm using authlogic 3.0.3 on a Rails 3.0.9 app with Ruby 1.9.2. I'm using the ssl_requirement gem. When I set the :update action in users_controller.rb to ssl_required none of the user's attributes get updated. This is true whether I use @user.update_attributes(params[:user]) or assign each param myself and do either @user.save or @user.update. It is worth noting that the ssl_required on my user_sessions :create action doesn't cause any problems.