1 files changed, 35 insertions, 10 deletions

diff --git a/actionpack/test/controller/session/mem_cache_store_test.rb b/actionpack/test/controller/session/mem_cache_store_test.rb
index 2e2bf79148..7561c93e4a 100644
--- a/actionpack/test/controller/session/mem_cache_store_test.rb
+++ b/actionpack/test/controller/session/mem_cache_store_test.rb
@@ -16,8 +16,15 @@ class MemCacheStoreTest < ActionController::IntegrationTest
       render :text => "foo: #{session[:foo].inspect}"
     end
 
+    def get_session_id
+      session[:foo]
+      render :text => "#{request.session_options[:id]}"
+    end
+
     def call_reset_session
+      session[:bar]
       reset_session
+      session[:bar] = "baz"
       head :ok
     end
 
@@ -50,38 +57,56 @@ class MemCacheStoreTest < ActionController::IntegrationTest
       with_test_route_set do
         get '/get_session_value'
         assert_response :success
-      assert_equal 'foo: nil', response.body
+        assert_equal 'foo: nil', response.body
       end
     end
 
-    def test_prevents_session_fixation
+    def test_setting_session_value_after_session_reset
       with_test_route_set do
-        get '/get_session_value'
+        get '/set_session_value'
         assert_response :success
-        assert_equal 'foo: nil', response.body
+        assert cookies['_session_id']
         session_id = cookies['_session_id']
 
-        reset!
+        get '/call_reset_session'
+        assert_response :success
+        assert_not_equal [], headers['Set-Cookie']
 
-        get '/set_session_value', :_session_id => session_id
+        get '/get_session_value'
         assert_response :success
-        assert_equal nil, cookies['_session_id']
+        assert_equal 'foo: nil', response.body
+
+        get '/get_session_id'
+        assert_response :success
+        assert_not_equal session_id, response.body
       end
     end
 
-    def test_setting_session_value_after_session_reset
+    def test_getting_session_id
       with_test_route_set do
         get '/set_session_value'
         assert_response :success
         assert cookies['_session_id']
+        session_id = cookies['_session_id']
 
-        get '/call_reset_session'
+        get '/get_session_id'
         assert_response :success
-        assert_not_equal [], headers['Set-Cookie']
+        assert_equal session_id, response.body
+      end
+    end
 
+    def test_prevents_session_fixation
+      with_test_route_set do
         get '/get_session_value'
         assert_response :success
         assert_equal 'foo: nil', response.body
+        session_id = cookies['_session_id']
+
+        reset!
+
+        get '/set_session_value', :_session_id => session_id
+        assert_response :success
+        assert_equal nil, cookies['_session_id']
       end
     end
   rescue LoadError, RuntimeError