@Test public void shouldInvalidateSession() { assertThat(session.isInvalidated(), is(false)); session.invalidate(); assertThat(session.isInvalidated(), is(true)); }
/** * Handles session storage/invalidation, sets session cookies. * * @param session * @param response * @throws IOException */ public void handleSession(final HttpSessionImpl session, final HttpServletResponseImpl response) throws IOException { Cookie cookie = new Cookie(HttpSessionImpl.COOKIE_NAME, ""); if (session.isInvalidated()) { cookie.setMaxAge(MAX_AGE_IN_PAST); sessionStorage.removeSession(session); LOGGER.log(Level.FINE, "Invalidated session {0}", new Object[]{session.getId()}); } else { cookie.setValue(session.getId()); sessionStorage.persistSession(session); } response.addCookie(cookie); }