SEC-1241: Make sure saved request is removed after a match.
This commit is contained in:
parent
9d26527f30
commit
ac4e7bbadb
|
@ -71,6 +71,8 @@ public class HttpSessionRequestCache implements RequestCache {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
removeRequest(request, response);
|
||||||
|
|
||||||
return new SavedRequestAwareWrapper(saved, request);
|
return new SavedRequestAwareWrapper(saved, request);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -39,7 +39,7 @@ public interface RequestCache {
|
||||||
HttpServletRequest getMatchingRequest(HttpServletRequest request, HttpServletResponse response);
|
HttpServletRequest getMatchingRequest(HttpServletRequest request, HttpServletResponse response);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Removes and returns the cached request
|
* Removes the cached request
|
||||||
* @param currentRequest
|
* @param currentRequest
|
||||||
*/
|
*/
|
||||||
void removeRequest(HttpServletRequest request, HttpServletResponse response);
|
void removeRequest(HttpServletRequest request, HttpServletResponse response);
|
||||||
|
|
|
@ -0,0 +1,27 @@
|
||||||
|
package org.springframework.security.web.savedrequest;
|
||||||
|
|
||||||
|
import static org.junit.Assert.*;
|
||||||
|
|
||||||
|
import org.junit.Test;
|
||||||
|
import org.springframework.mock.web.MockFilterChain;
|
||||||
|
import org.springframework.mock.web.MockHttpServletRequest;
|
||||||
|
import org.springframework.mock.web.MockHttpServletResponse;
|
||||||
|
|
||||||
|
public class RequestCacheAwareFilterTests {
|
||||||
|
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void savedRequestIsRemovedAfterMatch() throws Exception {
|
||||||
|
RequestCacheAwareFilter filter = new RequestCacheAwareFilter();
|
||||||
|
HttpSessionRequestCache cache = new HttpSessionRequestCache();
|
||||||
|
|
||||||
|
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/destination");
|
||||||
|
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||||
|
cache.saveRequest(request, response);
|
||||||
|
assertNotNull(request.getSession().getAttribute(SavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY));
|
||||||
|
|
||||||
|
filter.doFilter(request, response, new MockFilterChain());
|
||||||
|
assertNull(request.getSession().getAttribute(SavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY));
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
Loading…
Reference in New Issue