Unwanted page displays in tests but not in development

Rails 2.3.9
Ruby 1.8.7
Cucumber 0.9.2
Cucumber-Rails 0.3.2
Auth_Logic 2.1.6
Declarative_Authorization 0.5.1

My project uses AuthLogic for authentication using ActiveRecord session
store and DeclarativeAuthorization for access control. I have a
requirement to provide a public interface to a particular query page
that requires no login. Thus, there is no AuthLogic session created.

If the query is successful then the response is displayed on a show page
and if not then the original input form is redisplayed with suitable
notices. On the show page a link is provided back to the query request
page to allow successive queries.

The cucumber steps for all this, up to the link to the query form from
the show page, work. I can follow the new_request_path to the input
form using visit and there submit a successful request. However, what
happens when I click on the link displayed on the resulting show page is
that I am sent to the default welcome page instead of back to the query
form. It turns out that this behaviour, showing the welcome page, was
happening all the time but that somehow the visit method then just
processed access to the unprotected page without complaint.

However, this display of the welcome page only happens while I am
testing. If I use the webrick server in development mode and I go to the
query page url directly then I do not see the welcome page. Further,
when I enter a valid query. display the response page and then click on
the new query link then I go back to the query form without problem.
The welcome page is never displayed at all.

I am somewhat perplexed as to what might be happening here. I note that
in development mode I have a session cookie notwithstanding that I have
no user session created. Might my problem be somehow related to cookie
handling? What is the present idiom to test Rails cookies? The
examples I can find seem to be quite dated and, per my other topic, I
cannot seem to be able to check the 2.3.9 api for details. I rather
suspect that the 3.0.0 api will not be very helpful.