HttpServletRequestTest.java 文件源码

/**
 * Verifies that a request with a bad session ID causes a new session to be generated only when explicitly requested.
 */
public void testGetSessionWithBadCookie() throws Exception {
    WebRequest wr = new GetMethodWebRequest( "http://localhost/simple" );
    ServletUnitContext context = new ServletUnitContext();
    ServletUnitHttpRequest request = new ServletUnitHttpRequest( NULL_SERVLET_REQUEST, wr, context, new Hashtable(), NO_MESSAGE_BODY );

    HttpSession originalSession = context.newSession();
    String originalID = originalSession.getId();
    request.addCookie( new Cookie( ServletUnitHttpSession.SESSION_COOKIE_NAME, originalID ) );
    request.getSession();

    String badID = originalID + "BAD";
    request = new ServletUnitHttpRequest( NULL_SERVLET_REQUEST, wr, context, new Hashtable(), NO_MESSAGE_BODY );
    request.addCookie( new Cookie( ServletUnitHttpSession.SESSION_COOKIE_NAME, badID ) );

    assertNull( "Unexpected session returned for bad cookie", request.getSession( false ) );
    assertNotNull( "Should have returned session when asked", request.getSession( true ));
    assertNotSame( "Created session", originalSession, request.getSession( true ) );
}