SEC-1241: Make sure saved request is removed after a match.

This commit is contained in:
Luke Taylor 2009-09-09 10:11:45 +00:00
parent 9d26527f30
commit ac4e7bbadb
3 changed files with 30 additions and 1 deletions

View File

@ -71,6 +71,8 @@ public class HttpSessionRequestCache implements RequestCache {
return null;
}
removeRequest(request, response);
return new SavedRequestAwareWrapper(saved, request);
}

View File

@ -39,7 +39,7 @@ public interface RequestCache {
HttpServletRequest getMatchingRequest(HttpServletRequest request, HttpServletResponse response);
/**
* Removes and returns the cached request
* Removes the cached request
* @param currentRequest
*/
void removeRequest(HttpServletRequest request, HttpServletResponse response);

View File

@ -0,0 +1,27 @@
package org.springframework.security.web.savedrequest;
import static org.junit.Assert.*;
import org.junit.Test;
import org.springframework.mock.web.MockFilterChain;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
public class RequestCacheAwareFilterTests {
@Test
public void savedRequestIsRemovedAfterMatch() throws Exception {
RequestCacheAwareFilter filter = new RequestCacheAwareFilter();
HttpSessionRequestCache cache = new HttpSessionRequestCache();
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/destination");
MockHttpServletResponse response = new MockHttpServletResponse();
cache.saveRequest(request, response);
assertNotNull(request.getSession().getAttribute(SavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY));
filter.doFilter(request, response, new MockFilterChain());
assertNull(request.getSession().getAttribute(SavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY));
}
}