ServletContext#setSessionTrackingModes must throw IAE if SSL and another mode (#3976)
* according to Javadoc and failing tck tests ServletContext#setSessionTrackingModes IllegalArgumentException - if sessionTrackingModes specifies a combination of SessionTrackingMode.SSL with a session tracking mode other than SessionTrackingMode.SSL Signed-off-by: olivier lamy <oliver.lamy@gmail.com> * test adding only SSL Signed-off-by: olivier lamy <oliver.lamy@gmail.com> * fixes from Jan review Signed-off-by: olivier lamy <oliver.lamy@gmail.com> * fix package order Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
This commit is contained in:
parent
7c0266af4c
commit
95f7fddc59
|
@ -1019,6 +1019,12 @@ public class SessionHandler extends ScopedHandler
|
||||||
|
|
||||||
public void setSessionTrackingModes(Set<SessionTrackingMode> sessionTrackingModes)
|
public void setSessionTrackingModes(Set<SessionTrackingMode> sessionTrackingModes)
|
||||||
{
|
{
|
||||||
|
if (sessionTrackingModes != null &&
|
||||||
|
sessionTrackingModes.size() > 1 &&
|
||||||
|
sessionTrackingModes.contains(SessionTrackingMode.SSL))
|
||||||
|
{
|
||||||
|
throw new IllegalArgumentException ("sessionTrackingModes specifies a combination of SessionTrackingMode.SSL with a session tracking mode other than SessionTrackingMode.SSL");
|
||||||
|
}
|
||||||
_sessionTrackingModes = new HashSet<>(sessionTrackingModes);
|
_sessionTrackingModes = new HashSet<>(sessionTrackingModes);
|
||||||
_usingCookies = _sessionTrackingModes.contains(SessionTrackingMode.COOKIE);
|
_usingCookies = _sessionTrackingModes.contains(SessionTrackingMode.COOKIE);
|
||||||
_usingURLs = _sessionTrackingModes.contains(SessionTrackingMode.URL);
|
_usingURLs = _sessionTrackingModes.contains(SessionTrackingMode.URL);
|
||||||
|
|
|
@ -0,0 +1,41 @@
|
||||||
|
//
|
||||||
|
// ========================================================================
|
||||||
|
// Copyright (c) 1995-2019 Mort Bay Consulting Pty. Ltd.
|
||||||
|
// ------------------------------------------------------------------------
|
||||||
|
// All rights reserved. This program and the accompanying materials
|
||||||
|
// are made available under the terms of the Eclipse Public License v1.0
|
||||||
|
// and Apache License v2.0 which accompanies this distribution.
|
||||||
|
//
|
||||||
|
// The Eclipse Public License is available at
|
||||||
|
// http://www.eclipse.org/legal/epl-v10.html
|
||||||
|
//
|
||||||
|
// The Apache License v2.0 is available at
|
||||||
|
// http://www.opensource.org/licenses/apache2.0.php
|
||||||
|
//
|
||||||
|
// You may elect to redistribute this code under either of these licenses.
|
||||||
|
// ========================================================================
|
||||||
|
//
|
||||||
|
|
||||||
|
package org.eclipse.jetty.server.session;
|
||||||
|
|
||||||
|
import java.util.Arrays;
|
||||||
|
import java.util.Collections;
|
||||||
|
import java.util.HashSet;
|
||||||
|
import javax.servlet.SessionTrackingMode;
|
||||||
|
|
||||||
|
import org.junit.jupiter.api.Assertions;
|
||||||
|
import org.junit.jupiter.api.Test;
|
||||||
|
|
||||||
|
|
||||||
|
public class SessionHandlerTest
|
||||||
|
{
|
||||||
|
@Test
|
||||||
|
public void testSessionTrackingMode()
|
||||||
|
{
|
||||||
|
SessionHandler sessionHandler = new SessionHandler();
|
||||||
|
sessionHandler.setSessionTrackingModes(new HashSet<>(Arrays.asList(SessionTrackingMode.COOKIE, SessionTrackingMode.URL)));
|
||||||
|
sessionHandler.setSessionTrackingModes(Collections.singleton(SessionTrackingMode.SSL));
|
||||||
|
Assertions.assertThrows(IllegalArgumentException.class,() ->
|
||||||
|
sessionHandler.setSessionTrackingModes(new HashSet<>(Arrays.asList(SessionTrackingMode.SSL, SessionTrackingMode.URL))));
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue