Kolodvor

The simplest way to disable sessions in Rails is to use session :off (see ActionController::SessionManagement::ClassMethods).

session :off

To disable session suport only for a specific controller add session :off to that controller

class MyController < ApplicationController
    session :off
end

Written like that, sessions are disabled for all actions on this controller.

Like filters, you can specify :only and :except clauses to restrict subset. The following code will disable session for first_action and third_action, but not for second_action.

class MyController < ApplicationController
  session :off, :only %w(first_action third_action)

  def first_action
  end

  def second_action
  end

  def third_action
  end
end

Same could be achived with session :off, :except => :second_action.

The session options are inheritable, so to disable sessions for the entire application add session :off to ApplicationController.

class ApplicationController < ActionController::Base
    session :off
end

session :disabled => true

The downside of above approach is that if you disable sessions in ApplicationController with session :off you can’t enable them later on.

But luckily there is a cure for that. Instead of session :off add this line session :disabled => true to ApplicationController.

class ApplicationController < ActionController::Base
    session :disabled => true
end

Now, you can re-enable session support in an inheriting controller with session :disabled => false.

class MyController < ApplicationController
    session :disabled => false
end

Further reading

• How to Change Session Options in RoR
• How to Per Action Session Options in RoR
• QuarkRuby: Sessions and cookies in Ruby on Rails

Technorati Tags: session, rails

This entry was posted on Friday, November 23rd, 2007 at 11:35 am and is filed under Rails. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.