
Commit 16f9325

committed
Added missing call (?) to HttpUtilitiesTest to set the current request. Refactored AbstractAuthenticator to make the method call transactional.
1 parent a551c5f commit 16f9325


2 files changed

+29
-12
lines changed


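--- a/src/main/java/org/owasp/esapi/reference/AbstractAuthenticator.java
+++ b/src/main/java/org/owasp/esapi/reference/AbstractAuthenticator.java
@@ -96,7 +96,9 @@ public User getCurrentUser() {
 * @return the user from session or null if no user is found in the session
 */
 protected User getUserFromSession() {
-HttpSession session = ESAPI.httpUtilities().getCurrentRequest().getSession(false);
+HTTPUtilities httpUtils = ESAPI.httpUtilities();
+HttpServletRequest req = httpUtils.getCurrentRequest();
+HttpSession session = req.getSession(false);
 if (session == null) return null;
 return ESAPI.httpUtilities().getSessionAttribute(USER);
 }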
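Review bot: `req.getSession(false)` on new line 101 dereferences the result of `httpUtils.getCurrentRequest()` without a null check, so a thread with no request bound would throw a NullPointerException rather than return null as the Javadoc above promises. The test change in this same commit (binding the request before `login`) suggests that case is reachable, although the implementation of `getCurrentRequest()` is not visible here. Adding `if (req == null) return null;` before the session lookup keeps the authenticator answering "no user" instead of failing with an unhandled exception. The return statement also still calls `ESAPI.httpUtilities()` a second time; `return httpUtils.getSessionAttribute(USER);` would use the local that was just introduced.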

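--- a/src/test/java/org/owasp/esapi/reference/HTTPUtilitiesTest.java
+++ b/src/test/java/org/owasp/esapi/reference/HTTPUtilitiesTest.java
@@ -15,24 +15,38 @@
 */
 package org.owasp.esapi.reference;
 
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.owasp.esapi.*;
+import java.io.File;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
+import org.owasp.esapi.Authenticator;
+import org.owasp.esapi.ESAPI;
+import org.owasp.esapi.EncoderConstants;
+import org.owasp.esapi.HTTPUtilities;
+import org.owasp.esapi.User;
 import org.owasp.esapi.codecs.Hex;
 import org.owasp.esapi.crypto.CipherText;
-import org.owasp.esapi.errors.*;
+import org.owasp.esapi.errors.AccessControlException;
+import org.owasp.esapi.errors.AuthenticationException;
+import org.owasp.esapi.errors.EncryptionException;
+import org.owasp.esapi.errors.EnterpriseSecurityException;
+import org.owasp.esapi.errors.ValidationException;
 import org.owasp.esapi.http.MockHttpServletRequest;
 import org.owasp.esapi.http.MockHttpServletResponse;
 import org.owasp.esapi.http.MockHttpSession;
 import org.owasp.esapi.util.FileTestUtils;
 
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpSession;
-import java.io.File;
-import java.io.IOException;
-import java.util.*;
+import junit.framework.Test;
+import junit.framework.TestCase;
+import junit.framework.TestSuite;
 
 /**
 * The Class HTTPUtilitiesTest.
@@ -462,6 +476,7 @@ public void testSetRememberToken() throws AuthenticationException {
 request.addParameter("username", accountName);
 request.addParameter("password", password);
 MockHttpServletResponse response = new MockHttpServletResponse();
+ESAPI.httpUtilities().setCurrentHTTP(request, response);
 instance.login( request, response);
 
 int maxAge = ( 60 * 60 * 24 * 14 );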
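Review bot: The `ESAPI.httpUtilities().setCurrentHTTP(request, response);` call added at new line 479 binds the mock request and response to shared ESAPI state, and nothing visible in the hunk clears that binding afterwards, so later tests may pass or fail depending on execution order. Doing the binding in `setUp()` and clearing it in `tearDown()` (for example with `ESAPI.httpUtilities().clearCurrent()`, if this version of the interface offers it) would give every test that calls `login` the same starting state. A short comment such as `// login() looks up the request bound via ESAPI.httpUtilities(); bind the mocks first` would also record the reason that the commit message leaves as "(?)". `testSetRememberToken` starts and ends outside this hunk, so cleanup may already exist out of view.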
