diff --git a/spring-session/src/main/java/org/springframework/session/web/http/SessionRepositoryFilter.java b/spring-session/src/main/java/org/springframework/session/web/http/SessionRepositoryFilter.java index 10851abe..d4a7e0a7 100644 --- a/spring-session/src/main/java/org/springframework/session/web/http/SessionRepositoryFilter.java +++ b/spring-session/src/main/java/org/springframework/session/web/http/SessionRepositoryFilter.java @@ -90,7 +90,8 @@ public class SessionRepositoryFilter /** * Invalid session id (not backed by the session repository) request attribute name. */ - public static final String INVALID_SESSION_ID_ATTR = SESSION_REPOSITORY_ATTR + ".invalidSessionId"; + public static final String INVALID_SESSION_ID_ATTR = SESSION_REPOSITORY_ATTR + + ".invalidSessionId"; /** * The default filter order. @@ -143,6 +144,7 @@ public class SessionRepositoryFilter this.httpSessionStrategy = httpSessionStrategy; } + @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { @@ -297,6 +299,7 @@ public class SessionRepositoryFilter return newSession.getId(); } + @Override public boolean isRequestedSessionIdValid() { if (this.requestedSessionIdValid == null) { String sessionId = getRequestedSessionId(); @@ -335,7 +338,8 @@ public class SessionRepositoryFilter return currentSession; } String requestedSessionId = getRequestedSessionId(); - if (requestedSessionId != null && getAttribute(INVALID_SESSION_ID_ATTR) == null) { + if (requestedSessionId != null + && getAttribute(INVALID_SESSION_ID_ATTR) == null) { S session = getSession(requestedSessionId); if (session != null) { this.requestedSessionIdValid = true; @@ -343,10 +347,13 @@ public class SessionRepositoryFilter currentSession.setNew(false); setCurrentSession(currentSession); return currentSession; - } else { - // This is an invalid session id. No need to ask again if request.getSession is invoked for the duration of this request + } + else { + // This is an invalid session id. No need to ask again if + // request.getSession is invoked for the duration of this request if (SESSION_LOGGER.isDebugEnabled()) { - SESSION_LOGGER.debug("No session found by id: Caching result for getSession(false) for this HttpServletRequest."); + SESSION_LOGGER.debug( + "No session found by id: Caching result for getSession(false) for this HttpServletRequest."); } setAttribute(INVALID_SESSION_ID_ATTR, "true"); } @@ -368,6 +375,7 @@ public class SessionRepositoryFilter return currentSession; } + @Override public ServletContext getServletContext() { if (this.servletContext != null) { return this.servletContext; @@ -399,6 +407,7 @@ public class SessionRepositoryFilter super(session, servletContext); } + @Override public void invalidate() { super.invalidate(); SessionRepositoryRequestWrapper.this.requestedSessionInvalidated = true; diff --git a/spring-session/src/test/java/org/springframework/session/web/http/SessionRepositoryFilterTests.java b/spring-session/src/test/java/org/springframework/session/web/http/SessionRepositoryFilterTests.java index 179e571a..78819a00 100644 --- a/spring-session/src/test/java/org/springframework/session/web/http/SessionRepositoryFilterTests.java +++ b/spring-session/src/test/java/org/springframework/session/web/http/SessionRepositoryFilterTests.java @@ -62,9 +62,9 @@ import static org.mockito.Matchers.eq; import static org.mockito.Mockito.never; import static org.mockito.Mockito.reset; import static org.mockito.Mockito.spy; +import static org.mockito.Mockito.times; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verifyZeroInteractions; -import static org.mockito.internal.verification.VerificationModeFactory.times; @RunWith(MockitoJUnitRunner.class) @SuppressWarnings("deprecation") @@ -1343,9 +1343,11 @@ public class SessionRepositoryFilterTests { } @Test - public void getSessionFalseWithInvalidSessionIdShouldOnlyAskRepositoryOnce() throws ServletException, IOException { + public void getSessionFalseWithInvalidSessionIdShouldOnlyAskRepositoryOnce() + throws ServletException, IOException { this.sessionRepository = spy(this.sessionRepository); - this.filter = new SessionRepositoryFilter(this.sessionRepository); + this.filter = new SessionRepositoryFilter( + this.sessionRepository); final String nonExistantSessionId = "nonExistantSessionId"; setSessionCookie(nonExistantSessionId); @@ -1354,19 +1356,28 @@ public class SessionRepositoryFilterTests { @Override public void doFilter(HttpServletRequest wrappedRequest) { // Before first invocation - assertThat(SessionRepositoryFilterTests.this.request.getAttribute(SessionRepositoryFilter.INVALID_SESSION_ID_ATTR)).isNull(); + assertThat(SessionRepositoryFilterTests.this.request + .getAttribute(SessionRepositoryFilter.INVALID_SESSION_ID_ATTR)) + .isNull(); - // First call should go all the way through to the sessioRepository (it will not find the session) + // First call should go all the way through to the sessioRepository (it + // will not find the session) HttpSession session = wrappedRequest.getSession(false); - verify(sessionRepository, times(1)).getSession(nonExistantSessionId); + verify(SessionRepositoryFilterTests.this.sessionRepository, times(1)) + .getSession(nonExistantSessionId); assertThat(session).isNull(); - assertThat(SessionRepositoryFilterTests.this.request.getAttribute(SessionRepositoryFilter.INVALID_SESSION_ID_ATTR)).isNotNull(); + assertThat(SessionRepositoryFilterTests.this.request + .getAttribute(SessionRepositoryFilter.INVALID_SESSION_ID_ATTR)) + .isNotNull(); // Second call should not reach the sessionRepository session = wrappedRequest.getSession(false); - verify(sessionRepository, times(1)).getSession(nonExistantSessionId); // still only called once + verify(SessionRepositoryFilterTests.this.sessionRepository, times(1)) + .getSession(nonExistantSessionId); // still only called once assertThat(session).isNull(); - assertThat(SessionRepositoryFilterTests.this.request.getAttribute(SessionRepositoryFilter.INVALID_SESSION_ID_ATTR)).isNotNull(); + assertThat(SessionRepositoryFilterTests.this.request + .getAttribute(SessionRepositoryFilter.INVALID_SESSION_ID_ATTR)) + .isNotNull(); } }); }