#91 ✓hold

UserSession.create(user_object, :secure) and redirects in testing

Reported by Daniel | April 15th, 2009 @ 09:46 AM

(originally posted to Google Group, but no reply, and seemingly a bug, so opening it here)

Running authlogic v2.0.5 as a gem.

In a functional test, I'm using UserSession.create (user_object, :secure) to create secure sessions in each of several tests. If the action called by any of those tests includes a redirect, then a subsequent UserSession.create(user_object, :secure) call, in separate test methods, fail to create a secure session. Comment out the earlier test, and the subsequent call successfully creates a secure session.

So, in a functional test file, we have...

def setup

def test_1
  UserSession.create(user_object, :secure)
  post :some_action_that_results_in_redirect

def test_2
  UserSession.create(user_object, :secure)
  post :some_action_that_results_in_redirect

...results in a secure session being created during the first test, but not the second. Comment out either test, and the other test successfully creates the secure session. Alternatively, replacing the called action with an action that does not redirect also eliminates the problem.

Also, with the above tests in place, running all tests via "rake test:functionals" causes some UserSession.create(user_object) calls to fail in other functional test files (ie: those that test other controllers). Commenting out the two test methods that rely on a secure session and that result in redirect allows the UserSession.create(user_object) calls to function properly.

It seems that something in the ID associated session generator is carrying over between tests when it shouldn't be. Or am I misunderstanding something about how to test ID based sessions?

Thank You,


Comments and changes to this ticket

  • Ben Johnson

    Ben Johnson April 15th, 2009 @ 09:55 AM

    • State changed from “new” to “open”

    No, tests are supposed to be interdependent of one another. Supplying an id doesn't do anything crazy, all that is does is change the name of the cookie / session keys. I'm not sure what the issue is though, I have never seen that. Can you do a little more digging and get more information? I have a feeling its specific to your app.

  • Ben Johnson

    Ben Johnson April 20th, 2009 @ 09:39 PM

    • State changed from “open” to “hold”

    Any update on this?

  • Daniel

    Daniel April 21st, 2009 @ 12:50 PM

    Hi Ben,

    I am no closer to understanding why there is crossover between tests, but I have produced a bare-bones Rails app whose authentication_updates_controller_test.rb functional test reproduces the behavior: http://github.com/Bluejade/authl...

    authentication_updates_controller_test.rb contains the tests that reproduce the problem. Notice that there are two pairs of tests with identical contents. The one that does not redirect renders fine both times. The one that redirects breaks the second time.

    Thank You,


Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Object based authentication solution that handles all of the non sense for you. It's as easy as ActiveRecord is with a database.

People watching this ticket