diff --git a/tests/test-sessions/test-sessions-common/src/test/java/org/eclipse/jetty/server/session/DuplicateCookieTest.java b/tests/test-sessions/test-sessions-common/src/test/java/org/eclipse/jetty/server/session/DuplicateCookieTest.java index c0f6bb10149..e18eae76c95 100644 --- a/tests/test-sessions/test-sessions-common/src/test/java/org/eclipse/jetty/server/session/DuplicateCookieTest.java +++ b/tests/test-sessions/test-sessions-common/src/test/java/org/eclipse/jetty/server/session/DuplicateCookieTest.java @@ -14,6 +14,7 @@ package org.eclipse.jetty.server.session; import java.io.IOException; +import java.util.concurrent.CountDownLatch; import java.util.concurrent.TimeUnit; import jakarta.servlet.ServletException; @@ -33,6 +34,7 @@ import org.junit.jupiter.api.Test; import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertTrue; /** * Test having multiple session cookies in a request. @@ -54,6 +56,8 @@ public class DuplicateCookieTest ServletHolder holder = new ServletHolder(servlet); ServletContextHandler contextHandler = server1.addContext(contextPath); contextHandler.addServlet(holder, servletMapping); + TestHttpChannelCompleteListener scopeListener = new TestHttpChannelCompleteListener(); + server1.getServerConnector().addBean(scopeListener); server1.start(); int port1 = server1.getPort(); @@ -70,6 +74,8 @@ public class DuplicateCookieTest assertEquals(0, s4422.getRequests()); //make a request with another session cookie in there that does not exist + CountDownLatch latch = new CountDownLatch(1); + scopeListener.setExitSynchronizer(latch); Request request = client.newRequest("http://localhost:" + port1 + contextPath + servletMapping + "?action=check"); request.headers(headers -> headers.add("Cookie", "JSESSIONID=123")); //doesn't exist request.headers(headers -> headers.add("Cookie", "JSESSIONID=4422")); //does exist @@ -77,6 +83,10 @@ public class DuplicateCookieTest assertEquals(HttpServletResponse.SC_OK, response.getStatus()); assertEquals("4422", response.getContentAsString()); + //ensure request has finished processing so session will be completed + assertTrue(latch.await(5, TimeUnit.SECONDS)); + + //check session is drained of requests assertEquals(0, s4422.getRequests()); } finally @@ -101,6 +111,8 @@ public class DuplicateCookieTest ServletHolder holder = new ServletHolder(servlet); ServletContextHandler contextHandler = server1.addContext(contextPath); contextHandler.addServlet(holder, servletMapping); + TestHttpChannelCompleteListener scopeListener = new TestHttpChannelCompleteListener(); + server1.getServerConnector().addBean(scopeListener); server1.start(); int port1 = server1.getPort(); @@ -127,6 +139,8 @@ public class DuplicateCookieTest assertEquals(0, s2255.getRequests()); //make a request where the valid session cookie is first + CountDownLatch latch = new CountDownLatch(1); + scopeListener.setExitSynchronizer(latch); Request request = client.newRequest("http://localhost:" + port1 + contextPath + servletMapping + "?action=check"); request.headers(headers -> headers.add("Cookie", "JSESSIONID=1122")); //is valid request.headers(headers -> headers.add("Cookie", "JSESSIONID=2233")); //is invalid @@ -135,6 +149,10 @@ public class DuplicateCookieTest assertEquals(HttpServletResponse.SC_OK, response.getStatus()); assertEquals("1122", response.getContentAsString()); + //ensure request has finished processing so session will be completed + assertTrue(latch.await(5, TimeUnit.SECONDS)); + + //check valid session is drained of requests assertEquals(0, s1122.getRequests()); } finally @@ -159,6 +177,8 @@ public class DuplicateCookieTest ServletHolder holder = new ServletHolder(servlet); ServletContextHandler contextHandler = server1.addContext(contextPath); contextHandler.addServlet(holder, servletMapping); + TestHttpChannelCompleteListener scopeListener = new TestHttpChannelCompleteListener(); + server1.getServerConnector().addBean(scopeListener); server1.start(); int port1 = server1.getPort(); @@ -185,6 +205,9 @@ public class DuplicateCookieTest assertEquals(0, s2255.getRequests()); //make a request with the valid session cookie last + // Create the session + CountDownLatch latch = new CountDownLatch(1); + scopeListener.setExitSynchronizer(latch); Request request = client.newRequest("http://localhost:" + port1 + contextPath + servletMapping + "?action=check"); request.headers(headers -> headers.add("Cookie", "JSESSIONID=2233")); //is invalid request.headers(headers -> headers.add("Cookie", "JSESSIONID=2255")); //is invalid @@ -193,6 +216,10 @@ public class DuplicateCookieTest assertEquals(HttpServletResponse.SC_OK, response.getStatus()); assertEquals("1122", response.getContentAsString()); + //ensure request has completed so session will be completed + assertTrue(latch.await(5, TimeUnit.SECONDS)); + + //check valid session drained of requests assertEquals(0, s1122.getRequests()); } finally @@ -217,6 +244,8 @@ public class DuplicateCookieTest ServletHolder holder = new ServletHolder(servlet); ServletContextHandler contextHandler = server1.addContext(contextPath); contextHandler.addServlet(holder, servletMapping); + TestHttpChannelCompleteListener scopeListener = new TestHttpChannelCompleteListener(); + server1.getServerConnector().addBean(scopeListener); server1.start(); int port1 = server1.getPort(); @@ -243,6 +272,8 @@ public class DuplicateCookieTest assertEquals(0, s2255.getRequests()); //make a request with another session cookie with the valid session surrounded by invalids + CountDownLatch latch = new CountDownLatch(1); + scopeListener.setExitSynchronizer(latch); Request request = client.newRequest("http://localhost:" + port1 + contextPath + servletMapping + "?action=check"); request.headers(headers -> headers.add("Cookie", "JSESSIONID=2233")); //is invalid request.headers(headers -> headers.add("Cookie", "JSESSIONID=1122")); //is valid @@ -251,6 +282,10 @@ public class DuplicateCookieTest assertEquals(HttpServletResponse.SC_OK, response.getStatus()); assertEquals("1122", response.getContentAsString()); + //ensure request has completed so session will be completed + assertTrue(latch.await(5, TimeUnit.SECONDS)); + + //check valid session drained of requests assertEquals(0, s1122.getRequests()); } finally @@ -275,12 +310,14 @@ public class DuplicateCookieTest ServletHolder holder = new ServletHolder(servlet); ServletContextHandler contextHandler = server1.addContext(contextPath); contextHandler.addServlet(holder, servletMapping); + TestHttpChannelCompleteListener scopeListener = new TestHttpChannelCompleteListener(); + server1.getServerConnector().addBean(scopeListener); server1.start(); int port1 = server1.getPort(); try (StacklessLogging ignored = new StacklessLogging(DuplicateCookieTest.class.getPackage())) { - //create some of unexpired sessions + //create some unexpired sessions Session s1234 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionCache(), contextHandler.getSessionHandler().getSessionCache().getSessionDataStore(), "1234"); @@ -300,13 +337,18 @@ public class DuplicateCookieTest assertEquals(0, s9111.getRequests()); //make a request with multiple valid session ids + CountDownLatch latch = new CountDownLatch(1); + scopeListener.setExitSynchronizer(latch); Request request = client.newRequest("http://localhost:" + port1 + contextPath + servletMapping + "?action=check"); request.headers(headers -> headers.add("Cookie", "JSESSIONID=1234")); request.headers(headers -> headers.add("Cookie", "JSESSIONID=5678")); ContentResponse response = request.send(); assertEquals(HttpServletResponse.SC_BAD_REQUEST, response.getStatus()); - //check that all valid sessions have their request counts decremented correctly after the request, back to 0 + //ensure request has completed so any session will be completed + assertTrue(latch.await(5, TimeUnit.SECONDS)); + + //check that all sessions have their request counts decremented correctly after the request, back to 0 assertEquals(0, s1234.getRequests()); assertEquals(0, s5678.getRequests()); assertEquals(0, s9111.getRequests()); @@ -333,6 +375,8 @@ public class DuplicateCookieTest ServletHolder holder = new ServletHolder(servlet); ServletContextHandler contextHandler = server1.addContext(contextPath); contextHandler.addServlet(holder, servletMapping); + TestHttpChannelCompleteListener scopeListener = new TestHttpChannelCompleteListener(); + server1.getServerConnector().addBean(scopeListener); server1.start(); int port1 = server1.getPort(); @@ -350,12 +394,17 @@ public class DuplicateCookieTest assertEquals(0, s1234.getRequests()); //make a request with multiple valid session ids + CountDownLatch latch = new CountDownLatch(1); + scopeListener.setExitSynchronizer(latch); Request request = client.newRequest("http://localhost:" + port1 + contextPath + servletMapping + "?action=check"); request.headers(headers -> headers.add("Cookie", "JSESSIONID=1234")); request.headers(headers -> headers.add("Cookie", "JSESSIONID=1234")); ContentResponse response = request.send(); assertEquals(HttpServletResponse.SC_OK, response.getStatus()); + //ensure request has finished processing so session will be completed + assertTrue(latch.await(5, TimeUnit.SECONDS)); + //check that all valid sessions have their request counts decremented correctly after the request, back to 0 assertEquals(0, s1234.getRequests()); }