This project is archived and is in readonly mode.

#1453 ✓wontfix

'get's in integration test unless you are using cookie sessions

Reported by Mark | November 24th, 2008 @ 05:54 AM | in 2.x

Hi All,

When you run an integration test that does some sort of http operation (such as get '/') and you are not running cookie sessions ( the key is not having config.action_controller.session = ... line in your environment.rb ) you get the integration test failing with the following exception:

NoMethodError: You have a nil object when you didn't expect it!
You might have expected an instance of ActiveRecord::Base.
The error occurred while evaluating nil.[]=
    /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/integration.rb:294:in `process'
    /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/integration.rb:185:in `get'
    /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/integration.rb:447:in `__send__'
    /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/integration.rb:447:in `get'
    ./test/integration/index_test.rb:8:in `test_the_truth'
    /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/testing/setup_and_teardown.rb:94:in `__send__'
    /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/testing/setup_and_teardown.rb:94:in `run'
    /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/integration.rb:597:in `run'

Hunting a little further I discovered that this exception is the real culprit:

(rdb:1) exception
#<ArgumentError: A secret is required to generate an integrity hash for cookie session data. Use config.action_controller.session = { :session_key => "_myapp_session", :secret => "some secret phrase of at least 30 characters" } in config/environment.rb>

This should only be required when using cookie store.

Comments and changes to this ticket

  • Fjan

    Fjan November 25th, 2008 @ 05:42 PM

    It looks like the integration test is actually using the cookie store instead of the configured store, because cookies[SESSION_KEY] changes on every request (even though ApplicationController::session_store reports otherwise)

    I have a bunch of test failing because my app assumes a new sessions starts when it gets a new value for cookies[SESSION_KEY]

  • josh

    josh December 15th, 2008 @ 09:27 PM

    • Assigned user set to “josh”
    • State changed from “new” to “open”

    Are you on edge? Can you please make a failing unit test?

  • Fjan

    Fjan December 15th, 2008 @ 10:32 PM

    I'm not on edge, but in Rails 2.2 you will see almost any test fail as soon as you remove this line from your environment.rb.

    "config.action_controller.session = {:sesion_key..."

    (A test with just get '/' in it should do.)

  • josh

    josh December 15th, 2008 @ 11:03 PM

    • State changed from “open” to “wontfix”

    Yeah, if you are going use cookie sessions you do need to give a key.

    If you mean to use a different store, try

    config.action_controller.session_store = :mem_cache_store
    # or
    config.action_controller.session_store = nil
  • Fjan

    Fjan December 15th, 2008 @ 11:53 PM

    Uhm, no, that's the point of this ticket. We DON'T want to use the cookie store, and yet it gives us errors for not supplying a key (only when testing, rails runs fine otherwise)

  • jfoxny

    jfoxny December 18th, 2008 @ 08:22 PM

    I too am seeing this behavior. I tried to specify a different session store but it still complains about, "...A secret is required to generate an integrity hash for cookie session data." Furthermore, when I do try to use the cookie session store I receive a CGI::Session::CookieStore::CookieOverflow exception. This is only an issue with integration testing.

  • Joël AZEMAR

    Joël AZEMAR January 5th, 2009 @ 03:08 PM

    same for me, I use config.action_controller.session_store = :active_record_store in my app and the integration tests fails with "CGI::Session::CookieStore::CookieOverflow (CGI::Session::CookieStore::CookieOverflow)" message ... You have an temporary solution ?!

  • josh

    josh January 5th, 2009 @ 06:15 PM

    Could you guys create a failing unit test to apply to AP

  • Fjan

    Fjan January 5th, 2009 @ 06:21 PM

    Pretty much any integration test will fail as soon as you set the session store to active record and remove the cookie session key. (Which shouldn't be cause for failure, of course).

    So as a unit test you can just do get '/'

  • Joël AZEMAR
  • Joël AZEMAR
  • Joe

    Joe January 18th, 2009 @ 10:23 AM

    When is it going to be fixed? I'm receiving errors for my integration tests after upgrading from 2.1.x to 2.2.2:

    117 1) Error: 118 test_logging_into_account1(StoriesTest): 119 NoMethodError: You have a nil object when you didn't expect it! 120 You might have expected an instance of ActiveRecord::Base. 121 The error occurred while evaluating nil.[]= 122 /usr/lib/ruby/gems/1.8/gems/actionpack-2.2.2/lib/action_controller/integration.rb:294:in process' 123 /usr/lib/ruby/gems/1.8/gems/actionpack-2.2.2/lib/action_controller/integration.rb:185:inget' 124 /home/admin/sites//test/integration/stories_test.rb:30:in is_logging_in_as' 125 /home/admin/sites/<removed>/test/integration/stories_test.rb:132:intest_logging_into_account1' 126 /usr/lib/ruby/gems/1.8/gems/activesupport-2.2.2/lib/active_support/testing/setup_and_teardown.rb:60:in __send__' 127 /usr/lib/ruby/gems/1.8/gems/activesupport-2.2.2/lib/active_support/testing/setup_and_teardown.rb:60:inrun' 128 /usr/lib/ruby/gems/1.8/gems/actionpack-2.2.2/lib/action_controller/integration.rb:597:in run'

  • sdawara
  • Christopher J. Bottaro

    Christopher J. Bottaro January 28th, 2009 @ 04:45 AM

    I left my session_key and secret in environment.rb despite that fact that I'm NOT using cookie store for my sessions and I'm still getting integration test failures: CGI::Session::CookieStore::CookieOverflow.

    As previously pointed out, it seems like integration tests don't honor the ActionController::Base.session_store setting.

    Here's a (tiny) test case:



  • holli

    holli February 26th, 2009 @ 08:54 PM

    I'm currently upgrading from 2.0.2 to 2.2.2 and came across this same problem. I'm using active_record_store as my session_store.

    sdawara's link was helpful, quoting a block from there: "It looks like the database_manager is hardcoded to be a CookieStore in rack_process.rb. Is there any plan on getting integration tests to use the actual configured cookie store?"

    Before this, I did not have any cookie session info in my environment.rb, but adding "config.action_controller.session = {:session_key => ..., :secret => ...}" removed the problem for now.

    Still the integration test wont actually test the session database, i.e. interation tests would pass even if I would not have session table in my database (in which case the server would crash if I would try to run it.)

    same issue happens when using script/console >> "app.get '/'"

    Is this ticket really going to be 'notfixed'?

  • Fjan

    Fjan March 18th, 2009 @ 04:49 PM

    This is fixed in 2.3.2

  • Chris Wilson

    Chris Wilson April 18th, 2009 @ 05:07 PM

    Upgrading to 2.3.x brings its own set of problems. If you don't want to upgrade, you can do this in your test setup or test environment instead:

    ActionController::RackRequest::DEFAULT_SESSION_OPTIONS[:database_manager] = CGI::Session::ActiveRecordStore

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

<h2 style="font-size: 14px">Tickets have moved to Github</h2>

The new ticket tracker is available at <a href=""></a>