Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Make SessionManagementConfigTests deterministic 

Fixes: gh-4871
This commit is contained in:
Rob Winch 2017-11-21 16:55:05 -06:00
parent 5cf2883afc
commit e377dcf81b
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
config/src/test/groovy/org/springframework/security/config/http/SessionManagementConfigTests.groovy
View File

@ -394,7 +394,6 @@ class SessionManagementConfigTests extends AbstractHttpConfigTests {
def 'session-fixation-protection=migrateSession'() { def 'session-fixation-protection=migrateSession'() {
setup: setup:
MockHttpServletRequest request = new MockHttpServletRequest(method:'POST') MockHttpServletRequest request = new MockHttpServletRequest(method:'POST')
request.session.id = '123'
request.setParameter('username', 'user') request.setParameter('username', 'user')
request.setParameter('password', 'password') request.setParameter('password', 'password')
request.servletPath = '/login' request.servletPath = '/login'
@ -406,13 +405,13 @@ class SessionManagementConfigTests extends AbstractHttpConfigTests {
csrf(disabled:true) csrf(disabled:true)
} }
createAppContext() createAppContext()
request.session.id = '123' String originalId = request.session.id
when: when:
springSecurityFilterChain.doFilter(request,response, chain) springSecurityFilterChain.doFilter(request,response, chain)
then: then:
request.session.id != '123' request.session.id != originalId
} }
def disablingSessionProtectionRetainsSessionManagementFilterInvalidSessionUrlSet() { def disablingSessionProtectionRetainsSessionManagementFilterInvalidSessionUrlSet() {