From 52acf172705e947f2a930ae806b14285bbf4e1d6 Mon Sep 17 00:00:00 2001 From: Reinier Balt Date: Thu, 14 Apr 2011 12:52:41 +0200 Subject: [PATCH] fix #1138 where openid login was broken because of csrf changes in rails --- app/controllers/login_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/login_controller.rb b/app/controllers/login_controller.rb index c9644244..119f79c3 100644 --- a/app/controllers/login_controller.rb +++ b/app/controllers/login_controller.rb @@ -7,7 +7,7 @@ class LoginController < ApplicationController before_filter :login_optional before_filter :get_current_user - protect_from_forgery :except => :check_expiry + protect_from_forgery :except => [:check_expiry, :login] if ( SITE_CONFIG['authentication_schemes'].include? 'cas') # This will allow the user to view the index page without authentication