Add a test and fixes for problems revealed.

Author: snoopdave

app/src/main/java/org/apache/roller/weblogger/ui/core/RollerSession.java

@@ -66,17 +66,18 @@ public static RollerSession getRollerSession(HttpServletRequest request) {
             rollerSession = (RollerSession)session.getAttribute(ROLLER_SESSION);
 
             if (rollerSession == null) {
+                // Create new session if none exists
                 rollerSession = new RollerSession();
                 session.setAttribute(ROLLER_SESSION, rollerSession);
             } else if (rollerSession.getAuthenticatedUser() != null) {
-                RollerSessionManager sessionManager = RollerSessionManager.getInstance();
-                if (sessionManager.get(rollerSession.getAuthenticatedUser().getUserName()) == null) {
-                    // session not present in cache means that it is invalid
+                // Check if session is still valid in cache
+                RollerSessionManager manager = RollerSessionManager.getInstance();
+                String username = rollerSession.getAuthenticatedUser().getUserName();
+                if (manager.get(username) == null) {
                     rollerSession = new RollerSession();
                     session.setAttribute(ROLLER_SESSION, rollerSession);
                 }
             }
-            
             Principal principal = request.getUserPrincipal();
 
             // If we've got a principal but no user object, then attempt to get
@@ -152,17 +153,4 @@ public void setAuthenticatedUser(User authenticatedUser) {
         RollerSessionManager sessionManager = RollerSessionManager.getInstance();
         sessionManager.register(authenticatedUser.getUserName(), this);
     }
-
-    private void clearSession(HttpSessionEvent se) {
-        HttpSession session = se.getSession();
-        try {
-            session.removeAttribute(ROLLER_SESSION);
-        } catch (Exception e) {
-            if (log.isDebugEnabled()) {
-                // ignore purge exceptions
-                log.debug("EXCEPTION PURGING session attributes",e);
-            }
-        }
-    }
-    
 }

app/src/main/java/org/apache/roller/weblogger/ui/core/RollerSessionManager.java

@@ -13,7 +13,6 @@
 public class RollerSessionManager {
    private static final Log log = LogFactory.getLog(RollerSessionManager.class);
    private static final String CACHE_ID = "roller.session.cache";
-
    private final Cache sessionCache;
 
    public static RollerSessionManager getInstance() {
@@ -24,20 +23,28 @@ private static class SingletonHolder {
       private static final RollerSessionManager INSTANCE = new RollerSessionManager();
    }
 
-   private class SessionCacheHandler extends CacheHandlerAdapter {
-     public void invalidateUser(User user) {
+   class SessionCacheHandler extends CacheHandlerAdapter {
+     @Override
+     public void invalidate(User user) {
          if (user != null && user.getUserName() != null) {
             sessionCache.remove(user.getUserName());
          }
       }
    }
 
+   /** Testing purpose only */
+   RollerSessionManager(Cache cache) {
+      this.sessionCache = cache;
+      CacheManager.registerHandler(new SessionCacheHandler());
+   }
+
    private RollerSessionManager() {
       Map<String, String> cacheProps = new HashMap<>();
       cacheProps.put("id", CACHE_ID);
+      cacheProps.put("size", "1000");  // Cache up to 1000 sessions
+      cacheProps.put("timeout", "3600"); // Session timeout in seconds (1 hour)
       this.sessionCache = CacheManager.constructCache(null, cacheProps);
-      SessionCacheHandler cacheHandler = new SessionCacheHandler();
-      CacheManager.registerHandler(cacheHandler);
+      CacheManager.registerHandler(new SessionCacheHandler());
    }
 
    public void register(String userName, RollerSession session) {

app/src/test/java/org/apache/roller/weblogger/ui/core/RollerSessionManagerTest.java

@@ -0,0 +1,106 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  The ASF licenses this file to You
+ * under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.  For additional information regarding
+ * copyright in this work, please see the NOTICE file in the top level
+ * directory of this distribution.
+ */
+
+package org.apache.roller.weblogger.ui.core;
+
+import org.apache.roller.weblogger.pojos.User;
+import org.apache.roller.weblogger.util.cache.Cache;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.*;
+
+class RollerSessionManagerTest {
+    private RollerSessionManager sessionManager;
+    private Cache mockCache;
+
+    @BeforeEach
+    void setUp() {
+        mockCache = mock(Cache.class);
+        sessionManager = new RollerSessionManager(mockCache);
+    }
+
+    @Test
+    void testRegisterSession() {
+        RollerSession mockSession = mock(RollerSession.class);
+        String userName = "testUser";
+
+        sessionManager.register(userName, mockSession);
+
+        verify(mockCache).put(userName, mockSession);
+    }
+
+    @Test
+    void testGetSession() {
+        RollerSession mockSession = mock(RollerSession.class);
+        String userName = "testUser";
+        when(mockCache.get(userName)).thenReturn(mockSession);
+
+        RollerSession result = sessionManager.get(userName);
+
+        assertEquals(mockSession, result);
+        verify(mockCache).get(userName);
+    }
+
+    @Test
+    void testInvalidateSession() {
+        String userName = "testUser";
+
+        sessionManager.invalidate(userName);
+
+        verify(mockCache).remove(userName);
+    }
+
+    @Test
+    void testCacheHandlerInvalidation() {
+        User mockUser = mock(User.class);
+        String userName = "testUser";
+        when(mockUser.getUserName()).thenReturn(userName);
+
+        sessionManager.new SessionCacheHandler().invalidate(mockUser);
+
+        verify(mockCache).remove(userName);
+    }
+
+    @Test
+    void testNullInputHandling() {
+        RollerSession mockSession = mock(RollerSession.class);
+
+        sessionManager.register(null, mockSession);
+        sessionManager.invalidate(null);
+        sessionManager.get(null);
+
+        verify(mockCache, never()).put(any(), any());
+        verify(mockCache, never()).remove(any());
+        verify(mockCache, never()).get(any());
+    }
+
+    @Test
+    void testSessionTimeout() {
+        String userName = "testUser";
+        when(mockCache.get(userName)).thenReturn(null);
+
+        RollerSession result = sessionManager.get(userName);
+
+        assertNull(result);
+        verify(mockCache).get(userName);
+    }
+}