View Javadoc

1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.server.session;
20  
21  import static org.junit.Assert.*;
22  
23  import java.io.IOException;
24  import java.util.EventListener;
25  
26  import javax.servlet.ServletException;
27  import javax.servlet.http.HttpServlet;
28  import javax.servlet.http.HttpServletRequest;
29  import javax.servlet.http.HttpServletResponse;
30  import javax.servlet.http.HttpSession;
31  import javax.servlet.http.HttpSessionActivationListener;
32  import javax.servlet.http.HttpSessionEvent;
33  import javax.servlet.http.HttpSessionListener;
34  
35  import org.eclipse.jetty.client.ContentExchange;
36  import org.eclipse.jetty.client.HttpClient;
37  import org.eclipse.jetty.http.HttpMethods;
38  import org.eclipse.jetty.servlet.ServletContextHandler;
39  import org.junit.Test;
40  
41  public abstract class AbstractRemoveSessionTest
42  {
43      public abstract AbstractTestServer createServer(int port, int max, int scavenge);
44      
45      
46      @Test
47      public void testRemoveSession() throws Exception
48      {
49          String contextPath = "";
50          String servletMapping = "/server";
51          int scavengePeriod = 3;
52          AbstractTestServer server = createServer(0, 1, scavengePeriod);
53          ServletContextHandler context = server.addContext(contextPath);
54          context.addServlet(TestServlet.class, servletMapping);
55          TestEventListener testListener = new TestEventListener();
56          context.getSessionHandler().addEventListener(testListener);
57          server.start();
58          int port = server.getPort();
59          try
60          {
61              HttpClient client = new HttpClient();
62              client.setConnectorType(HttpClient.CONNECTOR_SOCKET);
63              client.start();
64              try
65              {
66                  ContentExchange exchange = new ContentExchange(true);
67                  exchange.setMethod(HttpMethods.GET);
68                  exchange.setURL("http://localhost:" + port + contextPath + servletMapping + "?action=create");
69                  client.send(exchange);
70                  exchange.waitForDone();
71                  assertEquals(HttpServletResponse.SC_OK,exchange.getResponseStatus());
72                  String sessionCookie = exchange.getResponseFields().getStringField("Set-Cookie");
73                  assertTrue(sessionCookie != null);
74                  // Mangle the cookie, replacing Path with $Path, etc.
75                  sessionCookie = sessionCookie.replaceFirst("(\\W)(P|p)ath=", "$1\\$Path=");
76                  //ensure sessionCreated listener is called
77                  assertTrue (testListener.isCreated());
78  
79                  //now delete the session
80                  exchange = new ContentExchange(true);
81                  exchange.setMethod(HttpMethods.GET);
82                  exchange.setURL("http://localhost:" + port + contextPath + servletMapping + "?action=delete");
83                  exchange.getRequestFields().add("Cookie", sessionCookie);
84                  client.send(exchange);
85                  exchange.waitForDone();
86                  assertEquals(HttpServletResponse.SC_OK,exchange.getResponseStatus());
87                  //ensure sessionDestroyed listener is called
88                  assertTrue(testListener.isDestroyed());
89                  
90                  
91                  // The session is not there anymore, but we present an old cookie
92                  // The server creates a new session, we must ensure we released all locks
93                  exchange = new ContentExchange(true);
94                  exchange.setMethod(HttpMethods.GET);
95                  exchange.setURL("http://localhost:" + port + contextPath + servletMapping + "?action=check");
96                  exchange.getRequestFields().add("Cookie", sessionCookie);
97                  client.send(exchange);
98                  exchange.waitForDone();
99                  assertEquals(HttpServletResponse.SC_OK,exchange.getResponseStatus());
100             }
101             finally
102             {
103                 client.stop();
104             }
105         }
106         finally
107         {
108             server.stop();
109         }
110 
111     }
112     public static class TestServlet extends HttpServlet
113     {
114         protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
115         {
116             String action = request.getParameter("action");
117             if ("create".equals(action))
118             {
119                 request.getSession(true);
120             }
121             else if ("delete".equals(action))
122             {
123                 HttpSession s = request.getSession(false);
124                 assertNotNull(s);
125                 s.invalidate();
126                 s = request.getSession(false);
127                 assertNull(s);
128             }
129             else
130             {
131                HttpSession s = request.getSession(false);
132                assertNull(s);
133             }
134         }
135     }
136     
137     public static class TestEventListener implements HttpSessionListener
138     {
139         boolean wasCreated;
140         boolean wasDestroyed;
141 
142         public void sessionCreated(HttpSessionEvent se)
143         {
144             wasCreated = true;
145         }
146 
147         public void sessionDestroyed(HttpSessionEvent se)
148         {
149            wasDestroyed = true;
150         }
151 
152         public boolean isDestroyed()
153         {
154             return wasDestroyed;
155         }
156 
157 
158         public boolean isCreated()
159         {
160             return wasCreated;
161         }
162 
163     }
164     
165 }