View Javadoc

1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2016 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.server.session;
20  
21  import static org.junit.Assert.assertEquals;
22  import static org.junit.Assert.assertTrue;
23  
24  import java.io.IOException;
25  import java.util.concurrent.TimeUnit;
26  
27  import javax.servlet.ServletException;
28  import javax.servlet.http.HttpServlet;
29  import javax.servlet.http.HttpServletRequest;
30  import javax.servlet.http.HttpServletResponse;
31  import javax.servlet.http.HttpSession;
32  
33  import org.eclipse.jetty.client.HttpClient;
34  import org.eclipse.jetty.client.api.ContentResponse;
35  import org.eclipse.jetty.client.api.Request;
36  import org.junit.Test;
37  
38  /**
39   * AbstractOrphanedSessionTest
40   */
41  public abstract class AbstractOrphanedSessionTest
42  {
43  
44      public abstract AbstractTestServer createServer(int port, int max, int scavenge);
45  
46      /**
47       * If nodeA creates a session, and just afterwards crashes, it is the only node that knows about the session.
48       * We want to test that the session data is gone after scavenging.
49       * @throws Exception on test failure
50       */
51      @Test
52      public void testOrphanedSession() throws Exception
53      {
54          // Disable scavenging for the first server, so that we simulate its "crash".
55          String contextPath = "";
56          String servletMapping = "/server";
57          int inactivePeriod = 5;
58          AbstractTestServer server1 = createServer(0, inactivePeriod, -1);
59          server1.addContext(contextPath).addServlet(TestServlet.class, servletMapping);
60          try
61          {
62              server1.start();
63              int port1 = server1.getPort();
64              int scavengePeriod = 2;
65              AbstractTestServer server2 = createServer(0, inactivePeriod, scavengePeriod);
66              server2.addContext(contextPath).addServlet(TestServlet.class, servletMapping);         
67              try
68              {
69                  server2.start();
70                  int port2 = server2.getPort();
71                  HttpClient client = new HttpClient();
72                  client.start();
73                  try
74                  {
75                      // Connect to server1 to create a session and get its session cookie
76                      ContentResponse response1 = client.GET("http://localhost:" + port1 + contextPath + servletMapping + "?action=init");
77                      assertEquals(HttpServletResponse.SC_OK,response1.getStatus());
78                      String sessionCookie = response1.getHeaders().get("Set-Cookie");
79                      assertTrue(sessionCookie != null);
80                      // Mangle the cookie, replacing Path with $Path, etc.
81                      sessionCookie = sessionCookie.replaceFirst("(\\W)(P|p)ath=", "$1\\$Path=");
82  
83                      // Wait for the session to expire.
84                      // The first node does not do any scavenging, but the session
85                      // must be removed by scavenging done in the other node.
86                      Thread.sleep(TimeUnit.SECONDS.toMillis(inactivePeriod + 2L * scavengePeriod));
87  
88                      // Perform one request to server2 to be sure that the session has been expired
89                      Request request = client.newRequest("http://localhost:" + port2 + contextPath + servletMapping + "?action=check");
90                      request.header("Cookie", sessionCookie);
91                      ContentResponse response2 = request.send();
92                      assertEquals(HttpServletResponse.SC_OK,response2.getStatus());
93                  }
94                  finally
95                  {
96                      client.stop();
97                  }
98              }
99              finally
100             {
101                 server2.stop();
102             }
103         }
104         finally
105         {
106             server1.stop();
107         }
108     }
109 
110     public static class TestServlet extends HttpServlet
111     {
112         @Override
113         protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
114         {
115             String action = request.getParameter("action");
116             if ("init".equals(action))
117             {
118                 HttpSession session = request.getSession(true);
119                 session.setAttribute("A", "A");
120             }
121             else if ("remove".equals(action))
122             {
123                 HttpSession session = request.getSession(false);
124                 session.invalidate();
125                 //assertTrue(session == null);
126             }
127             else if ("check".equals(action))
128             {
129                 HttpSession session = request.getSession(false);
130                 assertTrue(session == null);
131             }
132         }
133     }
134 }