No :secret given to the #protect_from_forgery

根据《web开发敏捷之道》（第二版）学习ror，遇到这个问题。
本人rails版本2.0，ruby 1.8.6
解决方法：
打开/app/controllers/application.rb 文件，代码如下：
class ApplicationController < ActionController::Base

  session :session_key => '_depot_session_id'
 
  helper :all # include all helpers, all the time

  # See ActionController::RequestForgeryProtection for details
  # Uncomment the :secret if you're not using the cookie session store
  protect_from_forgery  :secret => 'b20b90da64b4a48a169c6c87121c1d82'
 
  # See ActionController::Base for details
  # Uncomment this to filter the contents of submitted sensitive data parameters
  # from your application log (in this case, all fields with names like "password").
  # filter_parameter_logging :password
end