use of org.apache.shiro.session.ExpiredSessionException in project shiro by apache.
the class DefaultSessionManagerTest method testSessionDeleteOnExpiration.
@Test
public void testSessionDeleteOnExpiration() {
sm.setGlobalSessionTimeout(100);
SessionDAO sessionDAO = createMock(SessionDAO.class);
sm.setSessionDAO(sessionDAO);
String sessionId1 = UUID.randomUUID().toString();
final SimpleSession session1 = new SimpleSession();
session1.setId(sessionId1);
final Session[] activeSession = new SimpleSession[] { session1 };
sm.setSessionFactory(new SessionFactory() {
public Session createSession(SessionContext initData) {
return activeSession[0];
}
});
expect(sessionDAO.create(eq(session1))).andReturn(sessionId1);
sessionDAO.update(eq(session1));
expectLastCall().anyTimes();
replay(sessionDAO);
Session session = sm.start(null);
assertNotNull(session);
verify(sessionDAO);
reset(sessionDAO);
expect(sessionDAO.readSession(sessionId1)).andReturn(session1).anyTimes();
sessionDAO.update(eq(session1));
replay(sessionDAO);
sm.setTimeout(new DefaultSessionKey(sessionId1), 1);
verify(sessionDAO);
reset(sessionDAO);
sleep(20);
expect(sessionDAO.readSession(sessionId1)).andReturn(session1);
// update's the stop timestamp
sessionDAO.update(eq(session1));
sessionDAO.delete(session1);
replay(sessionDAO);
// Try to access the same session, but it should throw an UnknownSessionException due to timeout:
try {
sm.getTimeout(new DefaultSessionKey(sessionId1));
fail("Session with id [" + sessionId1 + "] should have expired due to timeout.");
} catch (ExpiredSessionException expected) {
// expected
}
// verify that the delete call was actually made on the DAO
verify(sessionDAO);
}
Aggregations