1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.eclipse.jetty.server.session;
20
21 import static org.junit.Assert.assertEquals;
22 import static org.junit.Assert.assertFalse;
23 import static org.junit.Assert.assertNotNull;
24 import static org.junit.Assert.assertNotSame;
25 import static org.junit.Assert.assertNull;
26 import static org.junit.Assert.assertTrue;
27
28 import java.io.IOException;
29
30 import javax.servlet.ServletException;
31 import javax.servlet.http.HttpServlet;
32 import javax.servlet.http.HttpServletRequest;
33 import javax.servlet.http.HttpServletResponse;
34 import javax.servlet.http.HttpSession;
35
36 import org.eclipse.jetty.client.HttpClient;
37 import org.eclipse.jetty.client.api.ContentResponse;
38 import org.eclipse.jetty.client.api.Request;
39 import org.eclipse.jetty.servlet.ServletContextHandler;
40
41
42 public abstract class AbstractSessionRenewTest
43 {
44 public abstract AbstractTestServer createServer(int port, int max, int scavenge);
45
46 public void testSessionRenewal() throws Exception
47 {
48 String contextPath = "";
49 String servletMapping = "/server";
50 int scavengePeriod = 3;
51 AbstractTestServer server = createServer(0, 1, scavengePeriod);
52 ServletContextHandler context = server.addContext(contextPath);
53 context.addServlet(TestServlet.class, servletMapping);
54
55
56 HttpClient client = new HttpClient();
57 try
58 {
59 server.start();
60 int port=server.getPort();
61
62 client.start();
63
64
65 ContentResponse response = client.GET("http://localhost:" + port + contextPath + servletMapping + "?action=create");
66 assertEquals(HttpServletResponse.SC_OK,response.getStatus());
67
68 String sessionCookie = response.getHeaders().getStringField("Set-Cookie");
69 assertTrue(sessionCookie != null);
70
71
72 Request request = client.newRequest("http://localhost:" + port + contextPath + servletMapping + "?action=renew");
73 request.header("Cookie", sessionCookie);
74 ContentResponse renewResponse = request.send();
75 assertEquals(HttpServletResponse.SC_OK,renewResponse.getStatus());
76 String renewSessionCookie = renewResponse.getHeaders().getStringField("Set-Cookie");
77 assertNotNull(renewSessionCookie);
78 assertNotSame(sessionCookie, renewSessionCookie);
79 }
80 finally
81 {
82 client.stop();
83 server.stop();
84 }
85 }
86
87
88 public static class TestServlet extends HttpServlet
89 {
90 @Override
91 protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
92 {
93 String action = request.getParameter("action");
94 if ("create".equals(action))
95 {
96 HttpSession session = request.getSession(true);
97 assertTrue(session.isNew());
98 }
99 else if ("renew".equals(action))
100 {
101 HttpSession beforeSession = request.getSession(false);
102 assertTrue(beforeSession != null);
103 String beforeSessionId = beforeSession.getId();
104
105
106 ((AbstractSession)beforeSession).renewId(request);
107
108 HttpSession afterSession = request.getSession(false);
109 assertTrue(afterSession != null);
110 String afterSessionId = afterSession.getId();
111
112 assertTrue(beforeSession==afterSession);
113 assertFalse(beforeSessionId.equals(afterSessionId));
114
115 AbstractSessionManager sessionManager = (AbstractSessionManager)((AbstractSession)afterSession).getSessionManager();
116 AbstractSessionIdManager sessionIdManager = (AbstractSessionIdManager)sessionManager.getSessionIdManager();
117
118 assertTrue(sessionIdManager.idInUse(afterSessionId));
119 assertFalse(sessionIdManager.idInUse(beforeSessionId));
120
121 HttpSession session = sessionManager.getSession(afterSessionId);
122 assertNotNull(session);
123 session = sessionManager.getSession(beforeSessionId);
124 assertNull(session);
125
126 if (((AbstractSession)afterSession).isIdChanged())
127 {
128 ((org.eclipse.jetty.server.Response)response).addCookie(sessionManager.getSessionCookie(afterSession, request.getContextPath(), request.isSecure()));
129 }
130 }
131 }
132 }
133
134 }