Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Make SessionManagementConfigTests deterministic 

Fixes: gh-4871
This commit is contained in:
Rob Winch 2017-11-21 16:55:05 -06:00
parent 5cf2883afc
commit e377dcf81b
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
config/src/test/groovy/org/springframework/security/config/http/SessionManagementConfigTests.groovy
View File

@ -394,7 +394,6 @@ class SessionManagementConfigTests extends AbstractHttpConfigTests {
def 'session-fixation-protection=migrateSession'() {
setup:
MockHttpServletRequest request = new MockHttpServletRequest(method:'POST')
request.session.id = '123'
request.setParameter('username', 'user')
request.setParameter('password', 'password')
request.servletPath = '/login'
@ -406,13 +405,13 @@ class SessionManagementConfigTests extends AbstractHttpConfigTests {
csrf(disabled:true)
}
createAppContext()
request.session.id = '123'
String originalId = request.session.id
when:
springSecurityFilterChain.doFilter(request,response, chain)
then:
request.session.id != '123'
request.session.id != originalId
}
def disablingSessionProtectionRetainsSessionManagementFilterInvalidSessionUrlSet() {