Example usage for javax.servlet SessionCookieConfig isHttpOnly

List of usage examples for javax.servlet SessionCookieConfig isHttpOnly

Introduction

In this page you can find the example usage for javax.servlet SessionCookieConfig isHttpOnly.

Prototype

public boolean isHttpOnly();

Source Link

Document

Checks if the session tracking cookies created on behalf of the application represented by the <tt>ServletContext</tt> from which this <tt>SessionCookieConfig</tt> was acquired will be marked as <i>HttpOnly</i>.

Usage

From source file:com.thoughtworks.go.server.Jetty9ServerTest.java

@Test
public void shouldSetSessionCookieConfig() throws Exception {
    when(systemEnvironment.isSessionCookieSecure()).thenReturn(true);
    jetty9Server.configure();/*from  w  ww  . j  a  v  a 2s . co  m*/
    jetty9Server.setSessionConfig();
    jetty9Server.startHandlers();

    WebAppContext webAppContext = (WebAppContext) getLoadedHandlers().get(WebAppContext.class);
    SessionCookieConfig sessionCookieConfig = webAppContext.getSessionHandler().getSessionCookieConfig();
    assertThat(sessionCookieConfig.isHttpOnly(), is(true));
    assertThat(sessionCookieConfig.isSecure(), is(true));
    assertThat(sessionCookieConfig.getMaxAge(), is(5678));

    when(systemEnvironment.isSessionCookieSecure()).thenReturn(false);
    jetty9Server.setSessionConfig();
    assertThat(sessionCookieConfig.isSecure(), is(false));
}