diff --git a/spring-session/src/main/java/org/springframework/session/web/http/CookieHttpSessionStrategy.java b/spring-session/src/main/java/org/springframework/session/web/http/CookieHttpSessionStrategy.java index 8bde751..8c3ebc1 100644 --- a/spring-session/src/main/java/org/springframework/session/web/http/CookieHttpSessionStrategy.java +++ b/spring-session/src/main/java/org/springframework/session/web/http/CookieHttpSessionStrategy.java @@ -238,7 +238,7 @@ public final class CookieHttpSessionStrategy implements MultiHttpSessionStrategy if(sessionIds.isEmpty()) { return ""; } - if(sessionIds.size() == 1) { + if(sessionIds.size() == 1 && sessionIds.keySet().contains(DEFAULT_ALIAS)) { return sessionIds.values().iterator().next(); } diff --git a/spring-session/src/test/java/org/springframework/session/web/http/CookieHttpSessionStrategyTests.java b/spring-session/src/test/java/org/springframework/session/web/http/CookieHttpSessionStrategyTests.java index b7b7c3e..43942ef 100644 --- a/spring-session/src/test/java/org/springframework/session/web/http/CookieHttpSessionStrategyTests.java +++ b/spring-session/src/test/java/org/springframework/session/web/http/CookieHttpSessionStrategyTests.java @@ -107,6 +107,14 @@ public class CookieHttpSessionStrategyTests { assertThat(getSessionId()).isEqualTo("0 " + existing.getId() + " new " + session.getId()); } + // gh-321 + @Test + public void onNewSessionExplicitAlias() throws Exception { + request.setParameter(CookieHttpSessionStrategy.DEFAULT_SESSION_ALIAS_PARAM_NAME, "new"); + strategy.onNewSession(session, request, response); + assertThat(getSessionId()).isEqualTo("new " + session.getId()); + } + @Test public void onNewSessionCookiePath() throws Exception { request.setContextPath("/somethingunique"); @@ -149,8 +157,9 @@ public class CookieHttpSessionStrategyTests { public void onDeleteSessionExistingSessionSameAlias() throws Exception { Session existing = new MapSession(); setSessionCookie("0 " + existing.getId() + " new " + session.getId()); + request.setParameter(CookieHttpSessionStrategy.DEFAULT_SESSION_ALIAS_PARAM_NAME, "new"); strategy.onInvalidateSession(request, response); - assertThat(getSessionId()).isEqualTo(session.getId()); + assertThat(getSessionId()).isEqualTo(existing.getId()); } @Test