views:

354

answers:

1

My Ruby on Rails application is mostly contained behind a login page. I'd still like to be able to stress test these pages, as they have some heavy database access.

Sending the username and password into a post for my login isn't difficult, but the Authenticity Token keeps changing, which makes my tests unrepeatable.

Is there a way to solve this problem while also maintaining an accurate production-esque environment?

I'd appreciate any help. Thanks!

+2  A: 

You can disable authenticity tokens in an environment.

This can be done via an initializer for the environment.

# Disable request forgery protection in test environment
config.action_controller.allow_forgery_protection    = false

You could create a new enviroment, say stress which will be identical to your production environment, except for the above.

Otherwise you will need to modify your stress testing application to maintain a session and parse the tokens.

What stress testing software are you using?

The Who
This works! However it showed that Trample, the testing framework I was using, doesn't keep track of sessions from one request to the next. Any suggestions on a better tool that I can use exclusively from the command line?
Eric the Red
I'm afraid I don't. Might be a good question to ask, or check some of the existing answers:http://stackoverflow.com/questions/351938/load-test-stress-test-web-serviceshttp://stackoverflow.com/questions/507683/open-source-tool-for-stress-testing-load-testing-and-performance-testinghttp://stackoverflow.com/questions/311925/best-way-to-stress-test-a-rails-web-appGood luck
The Who