Merge branch 'master' into jetty-8

jetty-io/src/main/java/org/eclipse/jetty/io/nio/SelectChannelEndPoint.java

@@ -283,12 +283,18 @@ public class SelectChannelEndPoint extends ChannelEndPoint implements AsyncEndPo
 
         if (idleTimestamp!=0 && _maxIdleTime>0)
         {
-            long idleForMs=now-idleTimestamp;
+            final long idleForMs=now-idleTimestamp;
 
             if (idleForMs>_maxIdleTime)
+            {
+                _manager.dispatch(new Runnable()
+                {
+                    public void run()
                     {
                         onIdleExpired(idleForMs);
-                _idleTimestamp=now;
+                        _idleTimestamp=System.currentTimeMillis();
+                    }
+                });
             }
         }
     }

jetty-io/src/test/java/org/eclipse/jetty/io/nio/SelectChannelEndPointTest.java

@@ -5,6 +5,7 @@ import static org.hamcrest.Matchers.greaterThan;
 
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertThat;
 import static org.junit.Assert.assertTrue;
 
 import java.io.BufferedInputStream;
@@ -24,6 +25,7 @@ import org.eclipse.jetty.io.AsyncEndPoint;
 import org.eclipse.jetty.io.ConnectedEndPoint;
 import org.eclipse.jetty.io.EndPoint;
 import org.eclipse.jetty.util.thread.QueuedThreadPool;
+import org.hamcrest.Matchers;
 import org.junit.After;
 import org.junit.Assert;
 import org.junit.Before;
@@ -360,17 +362,17 @@ public class SelectChannelEndPointTest
         int b=client.getInputStream().read();
         assertEquals(-1,b);
         long idle=System.currentTimeMillis()-start;
-        assertTrue(idle>400);
+        assertThat(idle,Matchers.greaterThan(400L));
-        assertTrue(idle<2000);
+        assertThat(idle,Matchers.lessThan(3000L));
         
-        // But endpoint is still open.
+        if (_lastEndp.isOpen())
-        assertTrue(_lastEndp.isOpen());
+        {
-        
+            // half close so wait another idle period
-        
+            assertTrue(_lastEndp.isOutputShutdown());
-        // Wait for another idle callback
             Thread.sleep(2000);
-        // endpoint is closed.
+        }
         
+        // endpoint is closed.
         assertFalse(_lastEndp.isOpen());
         
     }

jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java

@@ -77,6 +77,7 @@ public class FormAuthenticator extends LoginAuthenticator
     private String _formLoginPage;
     private String _formLoginPath;
     private boolean _dispatch;
+    private boolean _alwaysSaveUri;
 
     public FormAuthenticator()
     {
@@ -93,6 +94,26 @@ public class FormAuthenticator extends LoginAuthenticator
         _dispatch=dispatch;
     }
     
+    /* ------------------------------------------------------------ */
+    /**
+     * If true, uris that cause a redirect to a login page will always
+     * be remembered. If false, only the first uri that leads to a login
+     * page redirect is remembered.
+     * See https://bugs.eclipse.org/bugs/show_bug.cgi?id=379909
+     * @param alwaysSave
+     */
+    public void setAlwaysSaveUri (boolean alwaysSave)
+    {
+        _alwaysSaveUri = alwaysSave;
+    }
+    
+    
+    /* ------------------------------------------------------------ */
+    public boolean getAlwaysSaveUri ()
+    {
+        return _alwaysSaveUri;
+    }
+    
     /* ------------------------------------------------------------ */
     /**
      * @see org.eclipse.jetty.security.authentication.LoginAuthenticator#setConfiguration(org.eclipse.jetty.security.Authenticator.AuthConfiguration)
@@ -279,8 +300,8 @@ public class FormAuthenticator extends LoginAuthenticator
             // remember the current URI
             synchronized (session)
             {
-                // But only if it is not set already
+                // But only if it is not set already, or we save every uri that leads to a login form redirect
-                if (session.getAttribute(__J_URI)==null)
+                if (session.getAttribute(__J_URI)==null || _alwaysSaveUri)
                 {  
                     StringBuffer buf = request.getRequestURL();
                     if (request.getQueryString() != null)

test-jetty-webapp/src/main/config/contexts/test.xml

@@ -61,6 +61,11 @@ detected.
             -->
       </New>
     </Set>
+    <Set name="authenticator">
+      <New class="org.eclipse.jetty.security.authentication.FormAuthenticator">
+        <Set name="alwaysSaveUri">true</Set>
+      </New>
+    </Set>
     <Set name="checkWelcomeFiles">true</Set>
   </Get>
   

test-jetty-webapp/src/main/webapp/WEB-INF/web.xml

@@ -275,6 +275,16 @@
     <location>/error404.html</location>
   </error-page>
 
+  <security-constraint>
+    <web-resource-collection>
+      <web-resource-name>Auth2</web-resource-name>
+      <url-pattern>/auth2/*</url-pattern>
+    </web-resource-collection>
+    <auth-constraint>
+      <role-name>*</role-name>
+    </auth-constraint>
+  </security-constraint>
+
   <security-constraint>
     <web-resource-collection>
       <web-resource-name>Any User</web-resource-name>

test-jetty-webapp/src/main/webapp/auth.html

@@ -12,6 +12,7 @@ This page contains several links to test the authentication constraints:
 <ul>
 <li><a href="auth/file.txt">auth/file.txt</a> - Forbidden</li>
 <li><a href="auth/relax.txt">auth/relax.txt</a> - Allowed</li>
+<li><a href="auth2">auth2/index.html</a> - Authenticated (tests FormAuthenticator.setAlwaysSaveUri()) </li>
 <li><a href="dump/auth/noaccess/info">dump/auth/noaccess/*</a> - Forbidden</li>
 <li><a href="dump/auth/relax/info">dump/auth/relax/*</a> - Allowed</li>
 <li><a href="dump/auth/info">dump/auth/*</a> - Authenticated any user</li>

test-jetty-webapp/src/main/webapp/auth2/index.html

@@ -0,0 +1,6 @@
+<html>
+  <body>
+    <h1>YAY!</h1>
+    <p>You have successfully authenticated. You can use this url in conjunction with any of the other urls that lead to a login form to test which urls are saved on entry to the login form.</p>
+  </body>
+</html>