session#getLastAccessedTime should throw IllegalStateException if session has been invalidated (#4023)

* per servlet api javadoc getLastAccessedTime should throw IllegalStateException if session has been invalidated Signed-off-by: olivier lamy <oliver.lamy@gmail.com> * isInvalid test should be done within lock Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2019-08-27 13:03:28 +10:00 · 2019-08-27 13:03:28 +10:00 · 5403a30b32
parent 7bc04d3d4f
commit 5403a30b32
2 changed files with 18 additions and 2 deletions
--- a/jetty-server/src/main/java/org/eclipse/jetty/server/session/Session.java
+++ b/jetty-server/src/main/java/org/eclipse/jetty/server/session/Session.java
@ -476,6 +476,10 @@ public class Session implements SessionHandler.SessionIf
    {
        try (Lock lock = _lock.lock())
        {
+            if (isInvalid())
+            {
+                throw new IllegalStateException("Session not valid");
+            }
            return _sessionData.getLastAccessed();
        }
    }
--- a/jetty-server/src/test/java/org/eclipse/jetty/server/session/SessionHandlerTest.java
+++ b/jetty-server/src/test/java/org/eclipse/jetty/server/session/SessionHandlerTest.java
@ -23,9 +23,10 @@ import java.util.Collections;
 import java.util.HashSet;
 import javax.servlet.SessionTrackingMode;

-import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Test;

+import static org.junit.jupiter.api.Assertions.assertThrows;
+
 public class SessionHandlerTest
 {
    @Test
@ -34,7 +35,18 @@ public class SessionHandlerTest
        SessionHandler sessionHandler = new SessionHandler();
        sessionHandler.setSessionTrackingModes(new HashSet<>(Arrays.asList(SessionTrackingMode.COOKIE, SessionTrackingMode.URL)));
        sessionHandler.setSessionTrackingModes(Collections.singleton(SessionTrackingMode.SSL));
-        Assertions.assertThrows(IllegalArgumentException.class,() ->
+        assertThrows(IllegalArgumentException.class,() ->
            sessionHandler.setSessionTrackingModes(new HashSet<>(Arrays.asList(SessionTrackingMode.SSL, SessionTrackingMode.URL))));
    }
+
+    @Test
+    public void testInvalidSessiongetLastAccessedTime()
+    {
+        Session session = new Session(new SessionHandler(),
+                new SessionData("sd" ,"", "", 0, 0, 0, 0));
+        session.getLastAccessedTime();
+        session.invalidate();
+        assertThrows(IllegalStateException.class, () -> session.getLastAccessedTime());
+    }
+
 }