Include FilterChain in SessionInformationExpiredEvent
Closes gh-14077
This commit is contained in:
Ilpyo-Yang
Marcus Hert Da Coregio
parent
3117feff61
commit
095929f6e8
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2022 the original author or authors.
|
||||
* Copyright 2002-2024 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
@ -141,7 +141,7 @@ public class ConcurrentSessionFilter extends GenericFilterBean {
|
|||
.of(() -> "Requested session ID " + request.getRequestedSessionId() + " has expired."));
|
||||
doLogout(request, response);
|
||||
this.sessionInformationExpiredStrategy
|
||||
.onExpiredSessionDetected(new SessionInformationExpiredEvent(info, request, response));
|
||||
.onExpiredSessionDetected(new SessionInformationExpiredEvent(info, request, response, chain));
|
||||
return;
|
||||
}
|
||||
// Non-expired - update last request date/time
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2012-2016 the original author or authors.
|
||||
* Copyright 2002-2024 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
@ -16,6 +16,7 @@
|
|||
|
||||
package org.springframework.security.web.session;
|
||||
|
||||
import jakarta.servlet.FilterChain;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
|
||||
|
|
@ -35,6 +36,8 @@ public final class SessionInformationExpiredEvent extends ApplicationEvent {
|
|||
|
||||
private final HttpServletResponse response;
|
||||
|
||||
private final FilterChain filterChain;
|
||||
|
||||
/**
|
||||
* Creates a new instance
|
||||
* @param sessionInformation the SessionInformation that is expired
|
||||
|
|
@ -43,11 +46,25 @@ public final class SessionInformationExpiredEvent extends ApplicationEvent {
|
|||
*/
|
||||
public SessionInformationExpiredEvent(SessionInformation sessionInformation, HttpServletRequest request,
|
||||
HttpServletResponse response) {
|
||||
this(sessionInformation, request, response, null);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a new instance
|
||||
* @param sessionInformation the SessionInformation that is expired
|
||||
* @param request the HttpServletRequest
|
||||
* @param response the HttpServletResponse
|
||||
* @param filterChain the FilterChain
|
||||
* @since 6.4
|
||||
*/
|
||||
public SessionInformationExpiredEvent(SessionInformation sessionInformation, HttpServletRequest request,
|
||||
HttpServletResponse response, FilterChain filterChain) {
|
||||
super(sessionInformation);
|
||||
Assert.notNull(request, "request cannot be null");
|
||||
Assert.notNull(response, "response cannot be null");
|
||||
this.request = request;
|
||||
this.response = response;
|
||||
this.filterChain = filterChain;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -68,4 +85,12 @@ public final class SessionInformationExpiredEvent extends ApplicationEvent {
|
|||
return (SessionInformation) getSource();
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the filter chain. Can be {@code null}.
|
||||
* @since 6.4
|
||||
*/
|
||||
public FilterChain getFilterChain() {
|
||||
return this.filterChain;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2012-2016 the original author or authors.
|
||||
* Copyright 2002-2024 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
@ -20,10 +20,12 @@ import java.util.Date;
|
|||
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import org.springframework.mock.web.MockFilterChain;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.core.session.SessionInformation;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
|
|
@ -50,4 +52,13 @@ public class SessionInformationExpiredEventTests {
|
|||
new SessionInformation("fake", "sessionId", new Date()), new MockHttpServletRequest(), null));
|
||||
}
|
||||
|
||||
@Test
|
||||
void constructorWhenFilterChainThenGetFilterChainReturnsNotNull() {
|
||||
MockFilterChain filterChain = new MockFilterChain();
|
||||
SessionInformationExpiredEvent event = new SessionInformationExpiredEvent(
|
||||
new SessionInformation("fake", "sessionId", new Date()), new MockHttpServletRequest(),
|
||||
new MockHttpServletResponse(), filterChain);
|
||||
assertThat(event.getFilterChain()).isSameAs(filterChain);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue