From b3043276bc94d2d7af4e9308fd4c4820b3e4662c Mon Sep 17 00:00:00 2001 From: Jesse McConnell Date: Fri, 25 Jan 2013 16:12:08 -0600 Subject: [PATCH 1/2] add corresponding correct file removal check --- .../session/HashSessionManagerTest.java | 47 ++++++++++++++++++- 1 file changed, 45 insertions(+), 2 deletions(-) diff --git a/jetty-server/src/test/java/org/eclipse/jetty/server/session/HashSessionManagerTest.java b/jetty-server/src/test/java/org/eclipse/jetty/server/session/HashSessionManagerTest.java index 1f1d7bfa8df..12825dbf595 100644 --- a/jetty-server/src/test/java/org/eclipse/jetty/server/session/HashSessionManagerTest.java +++ b/jetty-server/src/test/java/org/eclipse/jetty/server/session/HashSessionManagerTest.java @@ -22,14 +22,37 @@ import java.io.File; import junit.framework.Assert; +import org.eclipse.jetty.server.SessionManager; import org.eclipse.jetty.toolchain.test.MavenTestingUtils; +import org.eclipse.jetty.util.log.Log; +import org.eclipse.jetty.util.log.StdErrLog; +import org.junit.After; +import org.junit.Before; import org.junit.Test; public class HashSessionManagerTest { + + @After + public void enableStacks() + { + enableStacks(true); + } + @Before + public void quietStacks() + { + enableStacks(false); + } + + protected void enableStacks(boolean enabled) + { + StdErrLog log = (StdErrLog)Log.getLogger("org.eclipse.jetty.server.session"); + log.setHideStacks(!enabled); + } + @Test - public void testDangerousSessionId() throws Exception + public void testDangerousSessionIdRemoval() throws Exception { final HashSessionManager manager = new HashSessionManager(); manager.setDeleteUnrestorableSessions(true); 
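Review bot: The unconditional cast in `enableStacks(boolean)` assumes the logger named `org.eclipse.jetty.server.session` is a `StdErrLog`. If another logging backend is bound, the `@Before` method throws `ClassCastException` and every test in the class, including the dangerous-session-id check, fails before it runs. Wrapping the cast and the `setHideStacks` call in `if (Log.getLogger("org.eclipse.jetty.server.session") instanceof StdErrLog)` keeps the traversal test running whatever the logging setup is. The `@After` hook also forces stacks back on rather than restoring the previous setting, which deserves a one-line comment. The body of `testDangerousSessionIdRemoval` continues outside this hunk.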
@@ -41,10 +64,30 @@ public class HashSessionManagerTest MavenTestingUtils.getTargetFile("dangerFile.session").createNewFile(); Assert.assertTrue("File should exist!", MavenTestingUtils.getTargetFile("dangerFile.session").exists()); - + manager.getSession("../../dangerFile.session"); Assert.assertTrue("File should exist!", MavenTestingUtils.getTargetFile("dangerFile.session").exists()); } + + @Test + public void testValidSessionIdRemoval() throws Exception + { + final HashSessionManager manager = new HashSessionManager(); + manager.setDeleteUnrestorableSessions(true); + manager.setLazyLoad(true); + File testDir = MavenTestingUtils.getTargetTestingDir("hashes"); + testDir.mkdirs(); + manager.setStoreDirectory(testDir); + + new File(testDir, "validFile.session").createNewFile(); + + Assert.assertTrue("File should exist!", new File(testDir, "validFile.session").exists()); + + manager.getSession("validFile.session"); + + Assert.assertTrue("File shouldn't exist!", !new File(testDir,"validFile.session").exists()); + + } } From 1a310673698626cb2a0cafe1e9a4ddcc96008e36 Mon Sep 17 00:00:00 2001 From: Jesse McConnell Date: Fri, 25 Jan 2013 16:25:59 -0600 Subject: [PATCH 2/2] Add note about getCanonicalFile check and fix IdleSession test in test hash sessions --- .../jetty/server/session/HashSessionManager.java | 4 +++- .../jetty/server/session/IdleSessionTest.java | 15 +++++++++++---- 2 files changed, 14 insertions(+), 5 deletions(-) diff --git a/jetty-server/src/main/java/org/eclipse/jetty/server/session/HashSessionManager.java b/jetty-server/src/main/java/org/eclipse/jetty/server/session/HashSessionManager.java index 1f7318a6dcd..b6866a0dbef 100644 --- a/jetty-server/src/main/java/org/eclipse/jetty/server/session/HashSessionManager.java +++ b/jetty-server/src/main/java/org/eclipse/jetty/server/session/HashSessionManager.java 
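Review bot: `testValidSessionIdRemoval` appears to pass only because the empty `validFile.session` cannot be restored, and nothing in the test says so. A comment such as `// zero-length file cannot be restored, so setDeleteUnrestorableSessions(true) must remove it` would make that precondition explicit. The last assertion reads more directly as `Assert.assertFalse("File shouldn't exist!", new File(testDir, "validFile.session").exists());`. In the traversal test above it, the `../../` id reaches `dangerFile.session` only if the store directory sits two levels below the target directory. That setup is outside the hunk, so confirm both tests use the same store directory; otherwise the final "File should exist!" assertion passes vacuously.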
@@ -437,7 +437,9 @@ public class HashSessionManager extends AbstractSessionManager /* ------------------------------------------------------------ */ public void setStoreDirectory (File dir) throws IOException - { + { + // CanonicalFile is used to capture the base store directory in a way that will + // work on Windows. Case differences may through off later checks using this directory. _storeDir=dir.getCanonicalFile(); } diff --git a/tests/test-sessions/test-hash-sessions/src/test/java/org/eclipse/jetty/server/session/IdleSessionTest.java b/tests/test-sessions/test-hash-sessions/src/test/java/org/eclipse/jetty/server/session/IdleSessionTest.java index b769250acf1..c1b31cb4dd5 100644 --- a/tests/test-sessions/test-hash-sessions/src/test/java/org/eclipse/jetty/server/session/IdleSessionTest.java +++ b/tests/test-sessions/test-hash-sessions/src/test/java/org/eclipse/jetty/server/session/IdleSessionTest.java @@ -72,10 +72,17 @@ public class IdleSessionTest @Override public SessionManager newSessionManager() { - HashSessionManager manager = (HashSessionManager)super.newSessionManager(); - manager.setStoreDirectory(_storeDir); - manager.setIdleSavePeriod(_idlePeriod); - return manager; + try + { + HashSessionManager manager = (HashSessionManager)super.newSessionManager(); + manager.setStoreDirectory(_storeDir); + manager.setIdleSavePeriod(_idlePeriod); + return manager; + } + catch ( IOException e) + { + return null; + } }
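Review bot: The comment added in `setStoreDirectory` has a typo ("through off" for "throw off") and mentions only Windows case differences. `getCanonicalFile()` typically also resolves `..` segments and symbolic links, which is presumably what the later containment check on session file paths depends on. Suggested wording: `// Canonicalize the store directory once so later checks that a session file lies inside it` followed by `// compare like with like (case, "..", links); the candidate file must be canonicalized too.` The check itself is outside this hunk, so whether it canonicalizes the candidate path cannot be confirmed from here.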
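Review bot: The `catch ( IOException e)` added to `newSessionManager()` in IdleSessionTest returns `null`, so a failure to canonicalize `_storeDir` would surface later as a `NullPointerException` far from its cause. Rethrow with the cause instead: `throw new IllegalStateException("cannot set store directory " + _storeDir, e);`. The hunk does not show `import java.io.IOException;` being added to this file, so confirm the import is already present.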