mindol1004/spring-session
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HeaderSessionStrategy uses response.setHeader

Browse Source 
Previously multiple headers might be outputed. This ensures that only a
single header is sent back with the session id.

Fixes #32
This commit is contained in:
Rob Winch
2014-08-01 15:16:02 -05:00
parent 2732a183f3
commit a4e003ebf1
2 changed files with 87 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
spring-session/src/main/java/org/springframework/session/web/http/HeaderHttpSessionStrategy.java
View File

@@ -60,12 +60,12 @@ public class HeaderHttpSessionStrategy implements HttpSessionStrategy {
@Override
public void onNewSession(Session session, HttpServletRequest request, HttpServletResponse response) {
response.addHeader(headerName, session.getId());
response.setHeader(headerName, session.getId());
}
@Override
public void onInvalidateSession(HttpServletRequest request, HttpServletResponse response) {
response.addHeader(headerName, "");
response.setHeader(headerName, "");
}
/**

149
spring-session/src/test/java/org/springframework/session/web/http/HeaderSessionStrategyTests.java
View File

@@ -11,81 +11,102 @@ import org.springframework.session.web.http.HeaderHttpSessionStrategy;
import static org.fest.assertions.Assertions.assertThat;
public class HeaderSessionStrategyTests {
private MockHttpServletRequest request;
private MockHttpServletResponse response;
private MockHttpServletRequest request;
private MockHttpServletResponse response;
private HeaderHttpSessionStrategy strategy;
private String headerName;
private Session session;
private HeaderHttpSessionStrategy strategy;
private String headerName;
private Session session;
@Before
public void setup() throws Exception {
headerName = "x-auth-token";
session = new MapSession();
request = new MockHttpServletRequest();
response = new MockHttpServletResponse();
strategy = new HeaderHttpSessionStrategy();
}
@Before
public void setup() throws Exception {
headerName = "x-auth-token";
session = new MapSession();
request = new MockHttpServletRequest();
response = new MockHttpServletResponse();
strategy = new HeaderHttpSessionStrategy();
}
@Test
public void getRequestedSessionIdNull() throws Exception {
assertThat(strategy.getRequestedSessionId(request)).isNull();
}
@Test
public void getRequestedSessionIdNull() throws Exception {
assertThat(strategy.getRequestedSessionId(request)).isNull();
}
@Test
public void getRequestedSessionIdNotNull() throws Exception {
setSessionId(session.getId());
assertThat(strategy.getRequestedSessionId(request)).isEqualTo(session.getId());
}
@Test
public void getRequestedSessionIdNotNull() throws Exception {
setSessionId(session.getId());
assertThat(strategy.getRequestedSessionId(request)).isEqualTo(session.getId());
}
@Test
public void getRequestedSessionIdNotNullCustomHeaderName() throws Exception {
setHeaderName("CUSTOM");
setSessionId(session.getId());
assertThat(strategy.getRequestedSessionId(request)).isEqualTo(session.getId());
}
@Test
public void getRequestedSessionIdNotNullCustomHeaderName() throws Exception {
setHeaderName("CUSTOM");
setSessionId(session.getId());
assertThat(strategy.getRequestedSessionId(request)).isEqualTo(session.getId());
}
@Test
public void onNewSession() throws Exception {
strategy.onNewSession(session, request, response);
assertThat(getSessionId()).isEqualTo(session.getId());
}
@Test
public void onNewSession() throws Exception {
strategy.onNewSession(session, request, response);
assertThat(getSessionId()).isEqualTo(session.getId());
}
@Test
public void onNewSessionCustomHeaderName() throws Exception {
setHeaderName("CUSTOM");
strategy.onNewSession(session, request, response);
assertThat(getSessionId()).isEqualTo(session.getId());
}
// the header is set as apposed to added
@Test
public void onNewSessionMulti() throws Exception {
strategy.onNewSession(session, request, response);
strategy.onNewSession(session, request, response);
@Test
public void onDeleteSession() throws Exception {
strategy.onInvalidateSession(request, response);
assertThat(getSessionId()).isEmpty();
}
assertThat(response.getHeaders(headerName).size()).isEqualTo(1);
assertThat(response.getHeaders(headerName)).containsOnly(session.getId());
}
@Test
public void onDeleteSessionCustomHeaderName() throws Exception {
setHeaderName("CUSTOM");
strategy.onInvalidateSession(request, response);
assertThat(getSessionId()).isEmpty();
}
@Test
public void onNewSessionCustomHeaderName() throws Exception {
setHeaderName("CUSTOM");
strategy.onNewSession(session, request, response);
assertThat(getSessionId()).isEqualTo(session.getId());
}
@Test(expected = IllegalArgumentException.class)
public void setHeaderNameNull() throws Exception {
strategy.setHeaderName(null);
}
@Test
public void onDeleteSession() throws Exception {
strategy.onInvalidateSession(request, response);
assertThat(getSessionId()).isEmpty();
}
public void setHeaderName(String headerName) {
strategy.setHeaderName(headerName);
this.headerName = headerName;
}
public void setSessionId(String id) {
request.addHeader(headerName, id);
}
// the header is set as apposed to added
@Test
public void onDeleteSessionMulti() throws Exception {
strategy.onInvalidateSession(request, response);
strategy.onInvalidateSession(request, response);
public String getSessionId() {
return response.getHeader(headerName);
}
assertThat(response.getHeaders(headerName).size()).isEqualTo(1);
assertThat(getSessionId()).isEmpty();
}
@Test
public void onDeleteSessionCustomHeaderName() throws Exception {
setHeaderName("CUSTOM");
strategy.onInvalidateSession(request, response);
assertThat(getSessionId()).isEmpty();
}
@Test(expected = IllegalArgumentException.class)
public void setHeaderNameNull() throws Exception {
strategy.setHeaderName(null);
}
public void setHeaderName(String headerName) {
strategy.setHeaderName(headerName);
this.headerName = headerName;
}
public void setSessionId(String id) {
request.addHeader(headerName, id);
}
public String getSessionId() {
return response.getHeader(headerName);
}
}