From b38cc74764ea94ca7b4509ea2f602a1a78e7cf04 Mon Sep 17 00:00:00 2001 From: Rob Winch Date: Thu, 3 Dec 2015 14:38:07 -0600 Subject: [PATCH] Include alias unless single id and default alias Fixes gh-321 --- .../session/web/http/CookieHttpSessionStrategy.java | 2 +- .../web/http/CookieHttpSessionStrategyTests.java | 11 ++++++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/spring-session/src/main/java/org/springframework/session/web/http/CookieHttpSessionStrategy.java b/spring-session/src/main/java/org/springframework/session/web/http/CookieHttpSessionStrategy.java index 8bde751..8c3ebc1 100644 --- a/spring-session/src/main/java/org/springframework/session/web/http/CookieHttpSessionStrategy.java +++ b/spring-session/src/main/java/org/springframework/session/web/http/CookieHttpSessionStrategy.java @@ -238,7 +238,7 @@ public final class CookieHttpSessionStrategy implements MultiHttpSessionStrategy if(sessionIds.isEmpty()) { return ""; } - if(sessionIds.size() == 1) { + if(sessionIds.size() == 1 && sessionIds.keySet().contains(DEFAULT_ALIAS)) { return sessionIds.values().iterator().next(); } diff --git a/spring-session/src/test/java/org/springframework/session/web/http/CookieHttpSessionStrategyTests.java b/spring-session/src/test/java/org/springframework/session/web/http/CookieHttpSessionStrategyTests.java index b7b7c3e..43942ef 100644 --- a/spring-session/src/test/java/org/springframework/session/web/http/CookieHttpSessionStrategyTests.java +++ b/spring-session/src/test/java/org/springframework/session/web/http/CookieHttpSessionStrategyTests.java @@ -107,6 +107,14 @@ public class CookieHttpSessionStrategyTests { assertThat(getSessionId()).isEqualTo("0 " + existing.getId() + " new " + session.getId()); } + // gh-321 + @Test + public void onNewSessionExplicitAlias() throws Exception { + request.setParameter(CookieHttpSessionStrategy.DEFAULT_SESSION_ALIAS_PARAM_NAME, "new"); + strategy.onNewSession(session, request, response); + assertThat(getSessionId()).isEqualTo("new " + session.getId()); + } + @Test public void onNewSessionCookiePath() throws Exception { request.setContextPath("/somethingunique"); @@ -149,8 +157,9 @@ public class CookieHttpSessionStrategyTests { public void onDeleteSessionExistingSessionSameAlias() throws Exception { Session existing = new MapSession(); setSessionCookie("0 " + existing.getId() + " new " + session.getId()); + request.setParameter(CookieHttpSessionStrategy.DEFAULT_SESSION_ALIAS_PARAM_NAME, "new"); strategy.onInvalidateSession(request, response); - assertThat(getSessionId()).isEqualTo(session.getId()); + assertThat(getSessionId()).isEqualTo(existing.getId()); } @Test