Rails 3 Authlogic problem with single access token and logout on timeout

I'm having a problem using an authlogic single access token to access a page when logout on timeout is set to true and a timeout is set.

user.rb:

acts_as_authentic do |c|
  c.logged_in_timeout = 15.minutes
end

user_session.rb:

logout_on_timeout true

controller:

def single_access_allowed?
  ["download_xml"].include?(action_name)
end

If I try to access a page/method using the token it redirects straight away to my login page. The logout on timeout works when its turned on.

If i remove the timeout code and just have acts_as_authentic in the user.rb, the single access token works.

I want to be able to use the single access token so another application can open an xml file from my ruby on rails website.

A开发者_如何学Gony ideas on what I might have done wrong and where to look to fix it and make it work?

Using authlogic 3.0.3 and rails 3.0.7.

This reply from jgdreyes last Sept 27 at https://github.com/binarylogic/authlogic/issues/64 worked for me:

I went ahead and extended Authlogic's stale? method so that it does not see requests as stale? if accessing via single_access?. This keeps logic for logout_on_timeout intact.

class UserSession < Authlogic::Session::Base   logout_on_timeout true
  def stale?
    return false if single_access?
    super   
  end 
end