From 818e36f6bd45c4f00912db36d202b104f4bb2f10 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thiago=20Henrique=20H=C3=BCpner?= Date: Mon, 2 Nov 2020 21:52:36 -0300 Subject: [PATCH] Fixes issue #1247 - Copy attributes from the session manager to the session cookie (#1248) --- test/snoop/pom.xml | 5 +-- test/vaadin/pom.xml | 5 +-- .../impl/DefaultHttpSessionManager.java | 7 ++++ .../impl/DefaultHttpSessionManagerTest.java | 33 ++++++++++++++++++- 4 files changed, 45 insertions(+), 5 deletions(-) diff --git a/test/snoop/pom.xml b/test/snoop/pom.xml index 1a4b93a1e0..49e04b8f94 100644 --- a/test/snoop/pom.xml +++ b/test/snoop/pom.xml @@ -19,8 +19,9 @@ - jakarta.servlet - jakarta.servlet-api + cloud.piranha.servlet + piranha-servlet-api + ${project.version} provided diff --git a/test/vaadin/pom.xml b/test/vaadin/pom.xml index e9fd6ad7f1..ac2ad77112 100644 --- a/test/vaadin/pom.xml +++ b/test/vaadin/pom.xml @@ -30,8 +30,9 @@ compile - jakarta.servlet - jakarta.servlet-api + cloud.piranha.servlet + piranha-servlet-api + ${project.version} provided diff --git a/webapp/impl/src/main/java/cloud/piranha/webapp/impl/DefaultHttpSessionManager.java b/webapp/impl/src/main/java/cloud/piranha/webapp/impl/DefaultHttpSessionManager.java index 5347dcaaeb..fa28e7aa31 100644 --- a/webapp/impl/src/main/java/cloud/piranha/webapp/impl/DefaultHttpSessionManager.java +++ b/webapp/impl/src/main/java/cloud/piranha/webapp/impl/DefaultHttpSessionManager.java @@ -143,6 +143,7 @@ public DefaultHttpSessionManager() { name = "JSESSIONID"; sessionListeners = new ArrayList<>(1); sessionTimeout = 10; + maxAge = -1; sessions = new ConcurrentHashMap<>(); } 
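Review bot: The new `maxAge = -1;` initialiser in the DefaultHttpSessionManager constructor has no comment, yet the value matters now that createSession passes it to `cookie.setMaxAge(maxAge)`. A negative age gives a non-persistent cookie that the browser drops on exit, whereas the previous default of 0 (the value the old testGetMaxAge assertion expected) would tell the browser to delete the session cookie at once. A one-line comment would keep a later cleanup from reverting it, for example `// -1: non-persistent session cookie; 0 would make the browser discard it immediately`. The constructor starts outside the hunk, so the defaults of the other cookie-related fields are not visible here.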
@@ -162,6 +163,12 @@ public synchronized HttpSession createSession(HttpServletRequest request) { cookie.setPath("".equals(webApplication.getContextPath()) ? "/" : webApplication.getContextPath()); } + cookie.setComment(comment); + cookie.setDomain(domain); + cookie.setHttpOnly(httpOnly); + cookie.setMaxAge(maxAge); + cookie.setSecure(secure); + response.addCookie(cookie); sessionListeners.stream().forEach(sessionListener -> sessionListener.sessionCreated(new HttpSessionEvent(session))); diff --git a/webapp/impl/src/test/java/cloud/piranha/webapp/impl/DefaultHttpSessionManagerTest.java b/webapp/impl/src/test/java/cloud/piranha/webapp/impl/DefaultHttpSessionManagerTest.java index bd9194dc05..9a771e08db 100644 --- a/webapp/impl/src/test/java/cloud/piranha/webapp/impl/DefaultHttpSessionManagerTest.java +++ b/webapp/impl/src/test/java/cloud/piranha/webapp/impl/DefaultHttpSessionManagerTest.java @@ -28,6 +28,7 @@ package cloud.piranha.webapp.impl; import javax.servlet.SessionTrackingMode; +import javax.servlet.http.Cookie; import javax.servlet.http.HttpSession; import static org.junit.jupiter.api.Assertions.*; import org.junit.jupiter.api.Test; @@ -83,7 +84,7 @@ void testGetMaxAge() { DefaultWebApplication webApplication = new DefaultWebApplication(); DefaultHttpSessionManager sessionManager = new DefaultHttpSessionManager(); sessionManager.setWebApplication(webApplication); - assertEquals(0, sessionManager.getMaxAge()); + assertEquals(-1, sessionManager.getMaxAge()); sessionManager.setMaxAge(60); assertEquals(60, sessionManager.getMaxAge()); } 
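Review bot: The session cookie's `HttpOnly` and `Secure` flags in createSession now come only from the manager's `httpOnly` and `secure` fields, and nothing in this hunk or in the constructor lines shown sets them. Unless they are initialised elsewhere, a manager that is never configured still issues the session id without either flag. Consider deriving the transport flag from the request as well, `cookie.setSecure(secure || request.isSecure());`, and defaulting `httpOnly` to true in the constructor. Separately, `cookie.setDomain(domain)` is called unconditionally; if `domain` can still be null here (its initialiser is not visible), a guard such as `if (domain != null) { cookie.setDomain(domain); }` avoids handing null to a Cookie implementation that lower-cases the value. createSession's body starts and ends outside the hunk.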
@@ -218,4 +219,34 @@ void testSetSSLTrackingModeWithOtherMethod() {
 EnumSet sslAndCookie = EnumSet.of(SessionTrackingMode.COOKIE, SessionTrackingMode.SSL);
 assertThrows(IllegalArgumentException.class, () -> sessionManager.setSessionTrackingModes(sslAndCookie));
 }
+
+ @Test
+ void testSetCookieAttributes() {
+ DefaultWebApplication webApp = new DefaultWebApplication();
+ DefaultHttpSessionManager sessionManager = new DefaultHttpSessionManager();
+ sessionManager.setWebApplication(webApp);
+ TestWebApplicationRequest request = new TestWebApplicationRequest();
+ TestWebApplicationResponse response = new TestWebApplicationResponse();
+ webApp.linkRequestAndResponse(request, response);
+
+ sessionManager.setComment("Comment");
+ sessionManager.setDomain("SessionCookie");
+ sessionManager.setHttpOnly(true);
+ sessionManager.setName("SessionCookie");
+ sessionManager.setMaxAge(100);
+ sessionManager.setPath("/context");
+ sessionManager.setSecure(true);
+
+ sessionManager.createSession(request);
+
+ Cookie sessionCookie = response.getCookies().stream().filter(cookie -> "SessionCookie".equals(cookie.getName())).findFirst().orElse(null);
+ assertNotNull(sessionCookie);
+
+ assertEquals(sessionManager.getComment(), sessionCookie.getComment());
+ assertEquals(sessionManager.getDomain(), sessionCookie.getDomain());
+ assertTrue(sessionCookie.isHttpOnly());
+ assertEquals(sessionManager.getMaxAge(), sessionCookie.getMaxAge());
+ assertEquals(sessionManager.getPath(), sessionCookie.getPath());
+ assertTrue(sessionCookie.getSecure());
+ }
 }
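Review bot: testSetCookieAttributes covers only a fully configured manager, so createSession on a manager whose comment, domain, httpOnly and secure were never set is untested, and that is where a null domain or a wrong max-age default would surface. A second test that creates a session on an untouched manager and checks that the `JSESSIONID` cookie's max age is -1 would pin the new constructor default and show that unset attributes are copied without an exception. It would also help to give the domain its own lowercase value rather than reusing `"SessionCookie"` for both `setDomain` and `setName`, so a name/domain mix-up cannot pass and the assertion does not depend on whether the Cookie class normalises case.

```java
@Test
void testDefaultCookieAttributes() {
    // … unchanged: same webApp / sessionManager / request / response setup as testSetCookieAttributes …

    // no setters called: the cookie must be built from the manager's defaults
    sessionManager.createSession(request);

    Cookie sessionCookie = response.getCookies().stream()
            .filter(cookie -> "JSESSIONID".equals(cookie.getName()))
            .findFirst().orElse(null);
    assertNotNull(sessionCookie);
    assertEquals(-1, sessionCookie.getMaxAge());
}
```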