I'm in the process of upgrading a Rails app from Rails 2 directly to Rails 4. I'm using the new /config/initializers/session_store.rb file, with CookieStore, but for some reason my sessions are not saving.

When trying to do something along the lines of render :text => "#{request.session_options[:id]}" I get a new session ID every refresh.

I've tried on different browsers, and all should be accepting cookies.

I have no idea what's going on. Why won't these sessions persist?!

Edit: thank you all for your suggestions. Here's a little more information, and a few things I've noticed:

• First, about my set up -- I'm running the server with Rails 4/Ruby 2 through RVM on an Ubuntu VM on my Windows 7 machine.
• Although I'm upgrading from Rails 2, that only really applies to the models/controllers/views/etc -- I generated a new Rails 4 application for all of the supporting infrastructure.
• I created another application on the same VM that JUST sets a session and then displays, and that works fine.
• What the session is storing varies slightly depending on what the user is doing, but usually it holds simply a user id (just an integer), and occasionally a little more -- (i first noticed this manifesting itself while trying to pass an OAuth token from the OAuth gem.)
• I've noticed that if the VM's system clock falls behind the Windows 7 host machine clock, the user id sessions hold. That causes other problems, especially with OAuth, but there seems to just be a time issue somewhere. I've tried doing things like removing the time zone from my environments/development.rb, but that did not help.

As a general answer a couple of possible problems are

• Session size over 4K limit (which is apparently the case).

  CookieOverflow is raised if you attempt to store more than 4K of data.

• Problems with CSRF protection.

  If the security token doesn't match what was expected, the session will be reset

I had a similar symptoms. It turns out it was because I added the rails-api gem and it totally broke session saving.

From: Railscasts Episode 415 Upgrading to Rails 4

There’s one more configuration change we need to make, in the secret token initializer. In Rails 4 the configuration option in this file has been renamed from secret_token to secret_key_base. We’ll need to specify both options while we’re transitioning from Rails 3 but once we’ve successfully migrated our application we can remove the secret_token option. It’s best to use a different token for our secret_key_base.

This is necessary because we’re moving from a serialized cookie stored on the client to an encrypted cookie. This prevents users from easily being able to see the contents of their session cookies.

The episode includes a very good series of tips regarding upgrading from 2 to 4 and I was able to do that successfully using this tutorial.