Search in sources :

Example 6 with ExpiredSessionException

use of org.apache.shiro.session.ExpiredSessionException in project shiro by apache.

the class DefaultSessionManagerTest method testSessionDeleteOnExpiration.

@Test
public void testSessionDeleteOnExpiration() {
    sm.setGlobalSessionTimeout(100);
    SessionDAO sessionDAO = createMock(SessionDAO.class);
    sm.setSessionDAO(sessionDAO);
    String sessionId1 = UUID.randomUUID().toString();
    final SimpleSession session1 = new SimpleSession();
    session1.setId(sessionId1);
    final Session[] activeSession = new SimpleSession[] { session1 };
    sm.setSessionFactory(new SessionFactory() {

        public Session createSession(SessionContext initData) {
            return activeSession[0];
        }
    });
    expect(sessionDAO.create(eq(session1))).andReturn(sessionId1);
    sessionDAO.update(eq(session1));
    expectLastCall().anyTimes();
    replay(sessionDAO);
    Session session = sm.start(null);
    assertNotNull(session);
    verify(sessionDAO);
    reset(sessionDAO);
    expect(sessionDAO.readSession(sessionId1)).andReturn(session1).anyTimes();
    sessionDAO.update(eq(session1));
    replay(sessionDAO);
    sm.setTimeout(new DefaultSessionKey(sessionId1), 1);
    verify(sessionDAO);
    reset(sessionDAO);
    sleep(20);
    expect(sessionDAO.readSession(sessionId1)).andReturn(session1);
    // update's the stop timestamp
    sessionDAO.update(eq(session1));
    sessionDAO.delete(session1);
    replay(sessionDAO);
    // Try to access the same session, but it should throw an UnknownSessionException due to timeout:
    try {
        sm.getTimeout(new DefaultSessionKey(sessionId1));
        fail("Session with id [" + sessionId1 + "] should have expired due to timeout.");
    } catch (ExpiredSessionException expected) {
    // expected
    }
    // verify that the delete call was actually made on the DAO
    verify(sessionDAO);
}
Also used : SessionDAO(org.apache.shiro.session.mgt.eis.SessionDAO) ExpiredSessionException(org.apache.shiro.session.ExpiredSessionException) Session(org.apache.shiro.session.Session) Test(org.junit.Test)

Aggregations

ExpiredSessionException (org.apache.shiro.session.ExpiredSessionException)6 Session (org.apache.shiro.session.Session)4 Test (org.junit.Test)4 Serializable (java.io.Serializable)3 Subject (org.apache.shiro.subject.Subject)2 DateFormat (java.text.DateFormat)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 HttpServletResponse (javax.servlet.http.HttpServletResponse)1 InvalidSessionException (org.apache.shiro.session.InvalidSessionException)1 StoppedSessionException (org.apache.shiro.session.StoppedSessionException)1 AbstractSessionManager (org.apache.shiro.session.mgt.AbstractSessionManager)1 SessionDAO (org.apache.shiro.session.mgt.eis.SessionDAO)1 ShiroHttpSession (org.apache.shiro.web.servlet.ShiroHttpSession)1 WebSubject (org.apache.shiro.web.subject.WebSubject)1