The simplest way to disable sessions in Rails is to use
session :off (see ActionController::SessionManagement::ClassMethods).
To disable session suport only for a specific controller add
session :off to that controller
Written like that, sessions are disabled for all actions on this controller.
Like filters, you can specify
:except clauses to restrict subset. The following code will disable session for first_action and third_action, but not for second_action.
Same could be achived with
session :off, :except => :second_action.
The session options are inheritable, so to disable sessions for the entire application add
session :off to ApplicationController.
session :disabled => true
The downside of above approach is that if you disable sessions in ApplicationController with session :off you can’t enable them later on.
But luckily there is a cure for that. Instead of session :off add this line
session :disabled => true to ApplicationController.
Now, you can re-enable session support in an inheriting controller with session :disabled => false.