We use the exception_logger gem (https://github.com/QuBiT/exception_logger) for capturing exceptions, cancan (https://github.com/ryanb/cancan) for authorization and devise (https://github.com/plataformatec/devise) for authentication.
So how do you secure your logged_exceptions page ?
1. In your production.rb add the following lines
config.after_initialize do LoggedExceptionsController.class_eval do # include authentication and authorization before access before_filter :authenticate_user! load_and_authorize_resource self.application_name = "Jqt" end end 2. Ensure your ability filed has the following entry for the role that can manage logged_exceptions can [:manage], LoggedException
3. Restart your server