View Javadoc

1   // ========================================================================
2   // Copyright 2004-2010 Mort Bay Consulting Pty. Ltd.
3   // ------------------------------------------------------------------------
4   // All rights reserved. This program and the accompanying materials
5   // are made available under the terms of the Eclipse Public License v1.0
6   // and Apache License v2.0 which accompanies this distribution.
7   // The Eclipse Public License is available at
8   // http://www.eclipse.org/legal/epl-v10.html
9   // The Apache License v2.0 is available at
10  // http://www.opensource.org/licenses/apache2.0.php
11  // You may elect to redistribute this code under either of these licenses.
12  // ========================================================================
13  
14  package org.eclipse.jetty.server.session;
15  
16  import java.io.IOException;
17  import java.util.Random;
18  import java.util.concurrent.TimeUnit;
19  
20  import javax.servlet.ServletException;
21  import javax.servlet.http.HttpServlet;
22  import javax.servlet.http.HttpServletRequest;
23  import javax.servlet.http.HttpServletResponse;
24  import javax.servlet.http.HttpSession;
25  
26  import org.eclipse.jetty.client.ContentExchange;
27  import org.eclipse.jetty.client.HttpClient;
28  import org.eclipse.jetty.http.HttpMethods;
29  import org.junit.Test;
30  import static org.junit.Assert.assertEquals;
31  import static org.junit.Assert.assertTrue;
32  
33  /**
34   * AbstractOrphanedSessionTest
35   */
36  public abstract class AbstractOrphanedSessionTest
37  {
38  
39      public abstract AbstractTestServer createServer(int port, int max, int scavenge);
40  
41      /**
42       * If nodeA creates a session, and just afterwards crashes, it is the only node that knows about the session.
43       * We want to test that the session data is gone after scavenging.
44       */
45      @Test
46      public void testOrphanedSession() throws Exception
47      {
48          // Disable scavenging for the first server, so that we simulate its "crash".
49          String contextPath = "";
50          String servletMapping = "/server";
51          int inactivePeriod = 5;
52          AbstractTestServer server1 = createServer(0, inactivePeriod, -1);
53          server1.addContext(contextPath).addServlet(TestServlet.class, servletMapping);
54          server1.start();
55          int port1 = server1.getPort();
56          try
57          {
58              int scavengePeriod = 2;
59              AbstractTestServer server2 = createServer(0, inactivePeriod, scavengePeriod);
60              server2.addContext(contextPath).addServlet(TestServlet.class, servletMapping);
61              server2.start();
62              int port2 = server2.getPort();
63              try
64              {
65                  HttpClient client = new HttpClient();
66                  client.setConnectorType(HttpClient.CONNECTOR_SOCKET);
67                  client.start();
68                  try
69                  {
70                      // Connect to server1 to create a session and get its session cookie
71                      ContentExchange exchange1 = new ContentExchange(true);
72                      exchange1.setMethod(HttpMethods.GET);
73                      exchange1.setURL("http://localhost:" + port1 + contextPath + servletMapping + "?action=init");
74                      client.send(exchange1);
75                      exchange1.waitForDone();
76                      assertEquals(HttpServletResponse.SC_OK,exchange1.getResponseStatus());
77                      String sessionCookie = exchange1.getResponseFields().getStringField("Set-Cookie");
78                      assertTrue(sessionCookie != null);
79                      // Mangle the cookie, replacing Path with $Path, etc.
80                      sessionCookie = sessionCookie.replaceFirst("(\\W)(P|p)ath=", "$1\\$Path=");
81  
82                      // Wait for the session to expire.
83                      // The first node does not do any scavenging, but the session
84                      // must be removed by scavenging done in the other node.
85                      Thread.sleep(TimeUnit.SECONDS.toMillis(inactivePeriod + 2L * scavengePeriod));
86  
87                      System.err.println("FINISHED waiting for session to expire");
88                      // Perform one request to server2 to be sure that the session has been expired
89  //                    
90  
91                      // force invalidate to test
92  //                    ContentExchange exchange3 = new ContentExchange(true);
93  //                    exchange3.setMethod(HttpMethods.GET);
94  //                    exchange3.setURL("http://localhost:" + port2 + contextPath + servletMapping + "?action=remove");
95  //                    exchange3.getRequestFields().add("Cookie", sessionCookie);
96  //                    client.send(exchange3);
97  //                    exchange3.waitForDone();
98                      
99                      System.err.println("CHECKING NODE2");
100                     ContentExchange exchange2 = new ContentExchange(true);
101                     exchange2.setMethod(HttpMethods.GET);
102                     exchange2.setURL("http://localhost:" + port2 + contextPath + servletMapping + "?action=check");
103                     exchange2.getRequestFields().add("Cookie", sessionCookie);
104                     client.send(exchange2);
105                     exchange2.waitForDone();
106                     assertEquals(HttpServletResponse.SC_OK,exchange2.getResponseStatus());
107                 }
108                 finally
109                 {
110                     client.stop();
111                 }
112             }
113             finally
114             {
115                 server2.stop();
116             }
117         }
118         finally
119         {
120             server1.stop();
121         }
122     }
123 
124     public static class TestServlet extends HttpServlet
125     {
126         @Override
127         protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
128         {
129             String action = request.getParameter("action");
130             if ("init".equals(action))
131             {
132                 HttpSession session = request.getSession(true);
133                 session.setAttribute("A", "A");
134             }
135             else if ("remove".equals(action))
136             {
137                 HttpSession session = request.getSession(false);
138                 session.invalidate();
139                 //assertTrue(session == null);
140             }
141             else if ("check".equals(action))
142             {
143                 HttpSession session = request.getSession(false);
144                 assertTrue(session == null);
145             }
146         }
147     }
148 }