This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new bff8ca00a0 Add SSL session tracking test
bff8ca00a0 is described below
commit bff8ca00a0288c01e8fc372e2a2db9ef8f09527f
Author: remm <r...@apache.org>
AuthorDate: Wed Oct 2 17:20:23 2024 +0200
Add SSL session tracking test
---
test/org/apache/tomcat/util/net/TestSsl.java | 59 ++++++++++++++++++++++++++++
1 file changed, 59 insertions(+)
diff --git a/test/org/apache/tomcat/util/net/TestSsl.java
b/test/org/apache/tomcat/util/net/TestSsl.java
index db982e073c..d9be2053be 100644
--- a/test/org/apache/tomcat/util/net/TestSsl.java
+++ b/test/org/apache/tomcat/util/net/TestSsl.java
@@ -26,6 +26,7 @@ import java.io.Reader;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
+import java.util.EnumSet;
import java.util.List;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.atomic.AtomicInteger;
@@ -37,6 +38,7 @@ import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.servlet.ServletException;
+import javax.servlet.SessionTrackingMode;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -48,11 +50,17 @@ import org.junit.runners.Parameterized;
import org.junit.runners.Parameterized.Parameter;
import org.apache.catalina.Context;
+import org.apache.catalina.Lifecycle;
+import org.apache.catalina.LifecycleEvent;
+import org.apache.catalina.LifecycleListener;
import org.apache.catalina.Wrapper;
import org.apache.catalina.connector.Connector;
+import org.apache.catalina.connector.Request;
+import org.apache.catalina.connector.Response;
import org.apache.catalina.startup.TesterServlet;
import org.apache.catalina.startup.Tomcat;
import org.apache.catalina.startup.TomcatBaseTest;
+import org.apache.catalina.valves.ValveBase;
import org.apache.tomcat.util.buf.ByteChunk;
import org.apache.tomcat.websocket.server.WsContextListener;
@@ -116,6 +124,37 @@ public class TestSsl extends TomcatBaseTest {
}
+ private String sessionId = null;
+
+ @Test
+ public void testSSLSessionTracking() throws Exception {
+ TesterSupport.configureClientSsl();
+
+ Tomcat tomcat = getTomcatInstance();
+ tomcat.getEngine().getPipeline().addValve(new VerificationValve());
+
+ File appDir = new File(getBuildDirectory(), "webapps/examples");
+ Context ctxt = tomcat.addWebapp(null, "/examples",
appDir.getAbsolutePath());
+ ctxt.addLifecycleListener(new SSLSessionTrackingLifecycleListener());
+ ctxt.addApplicationListener(WsContextListener.class.getName());
+
+ ctxt = getProgrammaticRootContext();
+ Tomcat.addServlet(ctxt, "post", new SimplePostServlet());
+ ctxt.addServletMappingDecoded("/post", "post");
+
+ TesterSupport.initSsl(tomcat);
+ TesterSupport.configureSSLImplementation(tomcat,
sslImplementationName, useOpenSSL);
+
+ tomcat.start();
+ getUrl("https://localhost:"; + getPort() +
"/examples/servlets/servlet/HelloWorldExample");
+ // SSL is the only source for the requested session ID, and
SessionTrackingMode.SSL is set on examples
+ Assert.assertNotNull(sessionId);
+ Assert.assertTrue(sessionId.length() > 1);
+ // No SessionTrackingMode.SSL on the root webapp
+ getUrl("https://localhost:"; + getPort() + "/post");
+ Assert.assertNull(sessionId);
+ }
+
@Test
public void testPost() throws Exception {
SocketFactory socketFactory = TesterSupport.configureClientSsl();
@@ -381,4 +420,24 @@ public class TestSsl extends TomcatBaseTest {
}
}
+
+ public static class SSLSessionTrackingLifecycleListener implements
LifecycleListener {
+ @Override
+ public void lifecycleEvent(LifecycleEvent event) {
+ if (Lifecycle.BEFORE_START_EVENT.equals(event.getType())) {
+ if (!(event.getLifecycle() instanceof Context)) {
+ throw new IllegalArgumentException("Not Context");
+ }
+ Context context = (Context) event.getLifecycle();
+
context.getServletContext().setSessionTrackingModes(EnumSet.of(SessionTrackingMode.SSL));
+ }
+ }
+ }
+
+ public class VerificationValve extends ValveBase {
+ @Override
+ public void invoke(Request request, Response response) throws
IOException, ServletException {
+ sessionId = request.getRequestedSessionId();
+ }
+ }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
