1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.eclipse.jetty.server.session;
20
21 import static org.junit.Assert.assertEquals;
22 import static org.junit.Assert.assertTrue;
23
24 import java.io.IOException;
25 import java.util.ArrayList;
26 import java.util.List;
27
28 import javax.servlet.ServletException;
29 import javax.servlet.http.HttpServlet;
30 import javax.servlet.http.HttpServletRequest;
31 import javax.servlet.http.HttpServletResponse;
32 import javax.servlet.http.HttpSession;
33 import javax.servlet.http.HttpSessionEvent;
34 import javax.servlet.http.HttpSessionListener;
35
36 import org.eclipse.jetty.client.HttpClient;
37 import org.eclipse.jetty.client.api.ContentResponse;
38 import org.eclipse.jetty.client.api.Request;
39 import org.eclipse.jetty.servlet.ServletContextHandler;
40 import org.eclipse.jetty.servlet.ServletHolder;
41 import org.junit.Test;
42
43 public abstract class AbstractSessionExpiryTest
44 {
45 public abstract AbstractTestServer createServer(int port, int max, int scavenge);
46
47 public void pause(int scavengePeriod)
48 {
49 try
50 {
51 Thread.sleep(scavengePeriod * 2500L);
52 }
53 catch (InterruptedException e)
54 {
55 e.printStackTrace();
56 }
57 }
58
59 public class TestHttpSessionListener implements HttpSessionListener
60 {
61 public List<String> createdSessions = new ArrayList<String>();
62 public List<String> destroyedSessions = new ArrayList<String>();
63
64 public void sessionDestroyed(HttpSessionEvent se)
65 {
66 destroyedSessions.add(se.getSession().getId());
67 }
68
69 public void sessionCreated(HttpSessionEvent se)
70 {
71 createdSessions.add(se.getSession().getId());
72 }
73 };
74
75
76 @Test
77 public void testSessionNotExpired() throws Exception
78 {
79 String contextPath = "";
80 String servletMapping = "/server";
81 int inactivePeriod = 10;
82 int scavengePeriod = 10;
83 AbstractTestServer server1 = createServer(0, inactivePeriod, scavengePeriod);
84 TestServlet servlet = new TestServlet();
85 ServletHolder holder = new ServletHolder(servlet);
86 server1.addContext(contextPath).addServlet(holder, servletMapping);
87
88 HttpClient client = new HttpClient();
89 try
90 {
91 server1.start();
92 int port1 = server1.getPort();
93
94 client.start();
95 String url = "http://localhost:" + port1 + contextPath + servletMapping;
96
97
98 ContentResponse response = client.GET(url + "?action=init");
99 assertEquals(HttpServletResponse.SC_OK,response.getStatus());
100 String sessionCookie = response.getHeaders().get("Set-Cookie");
101 assertTrue(sessionCookie != null);
102
103 sessionCookie = sessionCookie.replaceFirst("(\\W)(P|p)ath=", "$1\\$Path=");
104
105
106 server1.stop();
107
108
109 server1.start();
110 port1 = server1.getPort();
111 url = "http://localhost:" + port1 + contextPath + servletMapping;
112
113
114 Request request = client.newRequest(url + "?action=notexpired");
115 request.getHeaders().add("Cookie", sessionCookie);
116 ContentResponse response2 = request.send();
117 assertEquals(HttpServletResponse.SC_OK,response2.getStatus());
118
119 }
120 finally
121 {
122 client.stop();
123 server1.stop();
124 }
125 }
126
127
128 @Test
129 public void testSessionExpiry() throws Exception
130 {
131
132
133 String contextPath = "";
134 String servletMapping = "/server";
135 int inactivePeriod = 2;
136 int scavengePeriod = 1;
137 AbstractTestServer server1 = createServer(0, inactivePeriod, scavengePeriod);
138 TestServlet servlet = new TestServlet();
139 ServletHolder holder = new ServletHolder(servlet);
140 ServletContextHandler context = server1.addContext(contextPath);
141 context.addServlet(holder, servletMapping);
142 TestHttpSessionListener listener = new TestHttpSessionListener();
143
144 context.getSessionHandler().addEventListener(listener);
145
146 server1.start();
147 int port1 = server1.getPort();
148
149 try
150 {
151 HttpClient client = new HttpClient();
152 client.start();
153 String url = "http://localhost:" + port1 + contextPath + servletMapping;
154
155
156 ContentResponse response1 = client.GET(url + "?action=init");
157 assertEquals(HttpServletResponse.SC_OK,response1.getStatus());
158 String sessionCookie = response1.getHeaders().get("Set-Cookie");
159 assertTrue(sessionCookie != null);
160
161 sessionCookie = sessionCookie.replaceFirst("(\\W)(P|p)ath=", "$1\\$Path=");
162
163 String sessionId = AbstractTestServer.extractSessionId(sessionCookie);
164
165 verifySessionCreated(listener,sessionId);
166
167
168 server1.stop();
169
170
171 pause(inactivePeriod);
172
173
174 server1.start();
175
176 port1 = server1.getPort();
177 url = "http://localhost:" + port1 + contextPath + servletMapping;
178
179
180 Request request = client.newRequest(url + "?action=test");
181 request.getHeaders().add("Cookie", sessionCookie);
182 ContentResponse response2 = request.send();
183 assertEquals(HttpServletResponse.SC_OK,response2.getStatus());
184
185
186 pause(inactivePeriod);
187
188 verifySessionDestroyed (listener, sessionId);
189 }
190 finally
191 {
192 server1.stop();
193 }
194 }
195 public void verifySessionCreated (TestHttpSessionListener listener, String sessionId)
196 {
197 assertTrue(listener.createdSessions.contains(sessionId));
198 }
199 public void verifySessionDestroyed (TestHttpSessionListener listener, String sessionId)
200 {
201 assertTrue (listener.destroyedSessions.contains(sessionId));
202 }
203
204
205
206 public static class TestServlet extends HttpServlet
207 {
208 public String originalId = null;
209
210 @Override
211 protected void doGet(HttpServletRequest request, HttpServletResponse httpServletResponse) throws ServletException, IOException
212 {
213 String action = request.getParameter("action");
214 if ("init".equals(action))
215 {
216 HttpSession session = request.getSession(true);
217 session.setAttribute("test", "test");
218 originalId = session.getId();
219 }
220 else if ("test".equals(action))
221 {
222 HttpSession session = request.getSession(true);
223 assertTrue(session != null);
224 assertTrue(!originalId.equals(session.getId()));
225 }
226 else if ("notexpired".equals(action))
227 {
228 HttpSession session = request.getSession(false);
229 assertTrue(session != null);
230 assertTrue(originalId.equals(session.getId()));
231 }
232
233 }
234 }
235 }