View Javadoc

1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2016 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.server.session;
20  
21  import static org.junit.Assert.assertEquals;
22  import static org.junit.Assert.assertNotNull;
23  import static org.junit.Assert.assertNull;
24  import static org.junit.Assert.assertTrue;
25  
26  import java.io.IOException;
27  
28  import javax.servlet.ServletException;
29  import javax.servlet.http.HttpServlet;
30  import javax.servlet.http.HttpServletRequest;
31  import javax.servlet.http.HttpServletResponse;
32  import javax.servlet.http.HttpSession;
33  import javax.servlet.http.HttpSessionEvent;
34  import javax.servlet.http.HttpSessionListener;
35  
36  import org.eclipse.jetty.client.HttpClient;
37  import org.eclipse.jetty.client.api.ContentResponse;
38  import org.eclipse.jetty.client.api.Request;
39  import org.eclipse.jetty.servlet.ServletContextHandler;
40  import org.junit.Test;
41  
42  public abstract class AbstractRemoveSessionTest
43  {
44      public abstract AbstractTestServer createServer(int port, int max, int scavenge);
45  
46  
47      @Test
48      public void testRemoveSession() throws Exception
49      {
50          String contextPath = "";
51          String servletMapping = "/server";
52          int scavengePeriod = 3;
53          AbstractTestServer server = createServer(0, 1, scavengePeriod);
54          ServletContextHandler context = server.addContext(contextPath);
55          context.addServlet(TestServlet.class, servletMapping);
56          TestEventListener testListener = new TestEventListener();
57          context.getSessionHandler().addEventListener(testListener);
58          try
59          {
60              server.start();
61              int port = server.getPort();
62  
63              HttpClient client = new HttpClient();
64              client.start();
65              try
66              {
67                  ContentResponse response = client.GET("http://localhost:" + port + contextPath + servletMapping + "?action=create");
68                  assertEquals(HttpServletResponse.SC_OK,response.getStatus());
69                  String sessionCookie = response.getHeaders().get("Set-Cookie");
70                  assertTrue(sessionCookie != null);
71                  // Mangle the cookie, replacing Path with $Path, etc.
72                  sessionCookie = sessionCookie.replaceFirst("(\\W)(P|p)ath=", "$1\\$Path=");
73                  //ensure sessionCreated listener is called
74                  assertTrue (testListener.isCreated());
75  
76                  //now delete the session
77                  Request request = client.newRequest("http://localhost:" + port + contextPath + servletMapping + "?action=delete");
78                  request.header("Cookie", sessionCookie);
79                  response = request.send();
80                  assertEquals(HttpServletResponse.SC_OK,response.getStatus());
81                  //ensure sessionDestroyed listener is called
82                  assertTrue(testListener.isDestroyed());
83  
84  
85                  // The session is not there anymore, even if we present an old cookie
86                  request = client.newRequest("http://localhost:" + port + contextPath + servletMapping + "?action=check");
87                  request.header("Cookie", sessionCookie);
88                  response = request.send();
89                  assertEquals(HttpServletResponse.SC_OK,response.getStatus());
90              }
91              finally
92              {
93                  client.stop();
94              }
95          }
96          finally
97          {
98              server.stop();
99          }
100 
101     }
102     public static class TestServlet extends HttpServlet
103     {
104         protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
105         {
106             String action = request.getParameter("action");
107             if ("create".equals(action))
108             {
109                 request.getSession(true);
110             }
111             else if ("delete".equals(action))
112             {
113                 HttpSession s = request.getSession(false);
114                 assertNotNull(s);
115                 s.invalidate();
116                 s = request.getSession(false);
117                 assertNull(s);
118             }
119             else
120             {
121                HttpSession s = request.getSession(false);
122                assertNull(s);
123             }
124         }
125     }
126 
127     public static class TestEventListener implements HttpSessionListener
128     {
129         boolean wasCreated;
130         boolean wasDestroyed;
131 
132         public void sessionCreated(HttpSessionEvent se)
133         {
134             wasCreated = true;
135         }
136 
137         public void sessionDestroyed(HttpSessionEvent se)
138         {
139            wasDestroyed = true;
140         }
141 
142         public boolean isDestroyed()
143         {
144             return wasDestroyed;
145         }
146 
147 
148         public boolean isCreated()
149         {
150             return wasCreated;
151         }
152 
153     }
154 
155 }