Valid HTTP session no longer invalidated when HttpSession not accessed

Fixes gh-188
This commit is contained in:
Rob Winch
2015-04-15 12:33:34 -05:00
parent 30d4ea996b
commit 5879d15692
2 changed files with 29 additions and 1 deletions

View File

@@ -19,6 +19,7 @@ import static org.fest.assertions.Assertions.assertThat;
import static org.junit.Assert.fail;
import static org.mockito.Matchers.any;
import static org.mockito.Matchers.eq;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
@@ -1077,6 +1078,31 @@ public class SessionRepositoryFilterTests<S extends ExpiringSession> {
verify(strategy).onInvalidateSession(any(HttpServletRequest.class),any(HttpServletResponse.class));
}
// gh-188
@Test
public void doFilterRequestSessionNoRequestSessionDoesNotInvalidate() throws Exception {
filter.setHttpSessionStrategy(strategy);
doFilter(new DoInFilter(){
@Override
public void doFilter(HttpServletRequest wrappedRequest, HttpServletResponse wrappedResponse) throws IOException {
wrappedRequest.getSession().getId();
}
});
HttpServletRequest request = (HttpServletRequest) chain.getRequest();
String id = request.getSession().getId();
when(strategy.getRequestedSessionId(any(HttpServletRequest.class))).thenReturn(id);
doFilter(new DoInFilter(){
@Override
public void doFilter(HttpServletRequest wrappedRequest, HttpServletResponse wrappedResponse) throws IOException {
}
});
verify(strategy,never()).onInvalidateSession(any(HttpServletRequest.class),any(HttpServletResponse.class));
}
// --- order
@Test