Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-31 09:12:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-900: Added extra checks on expiry time

Browse Source
This commit is contained in:
Luke Taylor 2008-07-02 18:40:55 +00:00
parent d5df35f739
commit 479693ced7
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
core/src/test/java/org/springframework/security/ui/rememberme/TokenBasedRememberMeServicesTests.java
View File

@ -343,7 +343,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
public void testLoginSuccessNormalWithNonUserDetailsBasedPrincipal() {
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
// SEC-822
services.setTokenValiditySeconds(5000000);
services.setTokenValiditySeconds(500000000);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("d");
request.addParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER, "true");
@ -354,6 +354,10 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")}));
Cookie cookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
String expiryTime = services.decodeCookie(cookie.getValue())[1];
long expectedExpiryTime = 1000L * 500000000;
expectedExpiryTime += System.currentTimeMillis();
assertTrue(Long.parseLong(expiryTime) > expectedExpiryTime - 10000);
assertNotNull(cookie);
assertEquals(services.getTokenValiditySeconds(), cookie.getMaxAge());
assertTrue(Base64.isArrayByteBase64(cookie.getValue().getBytes()));