1 files changed, 9 insertions, 4 deletions

diff --git a/actionpack/test/controller/http_digest_authentication_test.rb b/actionpack/test/controller/http_digest_authentication_test.rb
index b8a2205ce6..15a11395bb 100644
--- a/actionpack/test/controller/http_digest_authentication_test.rb
+++ b/actionpack/test/controller/http_digest_authentication_test.rb
@@ -38,6 +38,15 @@ class HttpDigestAuthenticationTest < ActionController::TestCase
 
   tests DummyDigestController
 
+  setup do
+    # Used as secret in generating nonce to prevent tampering of timestamp
+    @old_secret, ActionController::Base.session_options[:secret] = ActionController::Base.session_options[:secret], "session_options_secret"
+  end
+
+  teardown do
+    ActionController::Base.session_options[:secret] = @old_secret
+  end
+
   AUTH_HEADERS.each do |header|
     test "successful authentication with #{header.downcase}" do
       @request.env[header] = encode_credentials(:username => 'lifo', :password => 'world')
@@ -165,10 +174,6 @@ class HttpDigestAuthenticationTest < ActionController::TestCase
     options.reverse_merge!(:nc => "00000001", :cnonce => "0a4f113b", :password_is_ha1 => false)
     password = options.delete(:password)
 
-    # Set in /initializers/session_store.rb. Used as secret in generating nonce
-    # to prevent tampering of timestamp
-    ActionController::Base.session_options[:secret] = "session_options_secret"
-
     # Perform unauthenticated request to retrieve digest parameters to use on subsequent request
     method = options.delete(:method) || 'GET'