Example 11 with HttpSession

Use of jakarta.servlet.http.HttpSession in project spring-security by spring-projects.

Class SessionManagementConfigurerTests, method sessionManagementWhenInvokedTwiceThenUsesOriginalSessionCreationPolicy.

@Test
public void sessionManagementWhenInvokedTwiceThenUsesOriginalSessionCreationPolicy() throws Exception {
    this.spring.register(InvokeTwiceDoesNotOverride.class).autowire();
    MvcResult mvcResult = this.mvc.perform(get("/")).andReturn();
    // getSession(false) never creates a session; null means the request left none behind.
    HttpSession session = mvcResult.getRequest().getSession(false);
    assertThat(session).isNull();
}
Also used : HttpSession(jakarta.servlet.http.HttpSession) MockHttpSession(org.springframework.mock.web.MockHttpSession) MvcResult(org.springframework.test.web.servlet.MvcResult) Test(org.junit.jupiter.api.Test)

Example 12 with HttpSession

Use of jakarta.servlet.http.HttpSession in project spring-security by spring-projects.

Class RememberMeConfigurerTests, method getWhenRememberMeCookieAndLoggedOutThenRedirectsToLogin.

@Test
public void getWhenRememberMeCookieAndLoggedOutThenRedirectsToLogin() throws Exception {
    this.spring.register(RememberMeConfig.class).autowire();
    // Log in with remember-me enabled; keep the issued cookie and the session.
    // @formatter:off
    MockHttpServletRequestBuilder loginRequest = post("/login")
            .with(csrf())
            .param("username", "user")
            .param("password", "password")
            .param("remember-me", "true");
    // @formatter:on
    MvcResult loginMvcResult = this.mvc.perform(loginRequest).andReturn();
    Cookie rememberMeCookie = loginMvcResult.getResponse().getCookie("remember-me");
    HttpSession session = loginMvcResult.getRequest().getSession();
    // Log out in that session; the response carries the expired remember-me cookie.
    // @formatter:off
    MockHttpServletRequestBuilder logoutRequest = post("/logout")
            .with(csrf())
            .cookie(rememberMeCookie)
            .session((MockHttpSession) session);
    // @formatter:on
    MvcResult logoutMvcResult = this.mvc.perform(logoutRequest).andReturn();
    Cookie expiredRememberMeCookie = logoutMvcResult.getResponse().getCookie("remember-me");
    // A request presenting only the expired cookie must be redirected to login.
    // @formatter:off
    MockHttpServletRequestBuilder expiredRequest = get("/abc")
            .with(csrf())
            .cookie(expiredRememberMeCookie);
    // @formatter:on
    this.mvc.perform(expiredRequest).andExpect(redirectedUrl("http://localhost/login"));
}
Also used : Cookie(jakarta.servlet.http.Cookie) HttpSession(jakarta.servlet.http.HttpSession) MockHttpSession(org.springframework.mock.web.MockHttpSession) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) MvcResult(org.springframework.test.web.servlet.MvcResult) Test(org.junit.jupiter.api.Test)

Example 13 with HttpSession

Use of jakarta.servlet.http.HttpSession in project spring-security by spring-projects.

Class NamespaceHttpRequestCacheTests, method requestWhenDefaultConfigurationThenUsesHttpSessionRequestCache.

@Test
public void requestWhenDefaultConfigurationThenUsesHttpSessionRequestCache() throws Exception {
    this.spring.register(DefaultRequestCacheRefConfig.class).autowire();
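    // The unauthenticated request is rejected with 403 Forbidden.
    MvcResult result = this.mvc.perform(get("/")).andExpect(status().isForbidden()).andReturn();
    // The rejected request must have been saved in the HTTP session under the request cache's key.
    HttpSession session = result.getRequest().getSession(false);
    assertThat(session).isNotNull();
    assertThat(session.getAttribute("SPRING_SECURITY_SAVED_REQUEST")).isNotNull();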
}
Also used : HttpSession(jakarta.servlet.http.HttpSession) MvcResult(org.springframework.test.web.servlet.MvcResult) Test(org.junit.jupiter.api.Test)

Example 14 with HttpSession

Use of jakarta.servlet.http.HttpSession in project spring-security by spring-projects.

Class HttpSessionDestroyedEvent, method getSecurityContexts.

@SuppressWarnings("unchecked")
@Override
public List<SecurityContext> getSecurityContexts() {
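    HttpSession session = getSession();
    Enumeration<String> attributes = session.getAttributeNames();
    ArrayList<SecurityContext> contexts = new ArrayList<>();
    // Scan every session attribute and collect each SecurityContext, whatever name it is stored under.
    while (attributes.hasMoreElements()) {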
        String attributeName = attributes.nextElement();
        Object attributeValue = session.getAttribute(attributeName);
        if (attributeValue instanceof SecurityContext) {
            contexts.add((SecurityContext) attributeValue);
        }
    }
    return contexts;
}
Also used : HttpSession(jakarta.servlet.http.HttpSession) SecurityContext(org.springframework.security.core.context.SecurityContext) ArrayList(java.util.ArrayList)

Example 15 with HttpSession

Use of jakarta.servlet.http.HttpSession in project spring-security by spring-projects.

Class DefaultSessionAuthenticationStrategyTests, method onAuthenticationWhenMigrateSessionAttributesTrueThenMaxInactiveIntervalIsMigrated.

@Test
public void onAuthenticationWhenMigrateSessionAttributesTrueThenMaxInactiveIntervalIsMigrated() {
    SessionFixationProtectionStrategy strategy = new SessionFixationProtectionStrategy();
    HttpServletRequest request = new MockHttpServletRequest();
    // Set a non-default timeout on the pre-authentication session.
    HttpSession session = request.getSession();
    session.setMaxInactiveInterval(1);
    Authentication mockAuthentication = mock(Authentication.class);
    strategy.onAuthentication(mockAuthentication, request, new MockHttpServletResponse());
    // The session in place after authentication must keep the same timeout.
    assertThat(request.getSession().getMaxInactiveInterval()).isEqualTo(1);
}
Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpSession(jakarta.servlet.http.HttpSession) Authentication(org.springframework.security.core.Authentication) SessionFixationProtectionStrategy(org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)