currentSession saved on HttpServletRequest attribute
Previously, if the following happened: * New Session Created * Exception thrown * Exception processed by error handler within Servlet * Error Handler used a session The result would be two sessions were created. This means the data from the first session was also lost. This happend because ERROR dispatch is a separate Filter invocation where the request is no longer wrapped. This commit ensures that currentSession is saved on a HttpServletRequest attribute so that the ERROR dispatch sees that a session was already created. Fixes: gh-229
This commit is contained in:
@@ -67,6 +67,8 @@ public class SessionRepositoryFilterTests {
|
||||
@Mock
|
||||
private HttpSessionStrategy strategy;
|
||||
|
||||
private Map<String, ExpiringSession> sessions;
|
||||
|
||||
private SessionRepository<ExpiringSession> sessionRepository;
|
||||
|
||||
private SessionRepositoryFilter<ExpiringSession> filter;
|
||||
@@ -79,7 +81,8 @@ public class SessionRepositoryFilterTests {
|
||||
|
||||
@Before
|
||||
public void setup() throws Exception {
|
||||
sessionRepository = new MapSessionRepository();
|
||||
sessions = new HashMap<String, ExpiringSession>();
|
||||
sessionRepository = new MapSessionRepository(sessions);
|
||||
filter = new SessionRepositoryFilter<ExpiringSession>(sessionRepository);
|
||||
setupRequest();
|
||||
}
|
||||
@@ -558,6 +561,28 @@ public class SessionRepositoryFilterTests {
|
||||
});
|
||||
}
|
||||
|
||||
// gh-229
|
||||
@Test
|
||||
public void doFilterGetSessionGetSessionOnError() throws Exception {
|
||||
doFilter(new DoInFilter() {
|
||||
@Override
|
||||
public void doFilter(HttpServletRequest wrappedRequest) {
|
||||
wrappedRequest.getSession().setAttribute("a", "b");
|
||||
}
|
||||
});
|
||||
|
||||
// reuse the same request similar to processing an ERROR dispatch
|
||||
|
||||
doFilter(new DoInFilter() {
|
||||
@Override
|
||||
public void doFilter(HttpServletRequest wrappedRequest) {
|
||||
assertThat(wrappedRequest.getSession(false)).isNotNull();
|
||||
}
|
||||
});
|
||||
|
||||
assertThat(this.sessions.size()).isEqualTo(1);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void doFilterCookieSecuritySettings() throws Exception {
|
||||
request.setSecure(true);
|
||||
|
||||
Reference in New Issue
Block a user