authlogic's password field is not required in rspec?


I am using authlogic and rspec in our project. I steup the authlogic
as the offical example. But when i run my rspec, it tells me that
password field is not required. My spec file is as following:

require 'spec_helper'

describe User do
  before(:each) do
    @valid_attributes = {
      :email => '',
      :password => "aaaaaa",
      :password_confirmation => "aaaaaa"
    @user =


  it "should not be valid without a password" do
    @user.password = nil
    @user.should_not be_valid

the rspec show me "expected valid? to return false, got true". but
when I run the application in firefox, and if I leave the password
field empty, the form will give errors. I also run irb: @user = :email => "", :password =
nil, :password_confirmation = 'a' * 10), the @user.valid? returned

Why the rspec got true?

Anyboby know why? I am waiting online!