package org.springframework.security.ui;

import java.io.IOException;
import java.util.Properties;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import junit.framework.Assert;
import junit.framework.TestCase;
import org.springframework.mock.web.MockFilterConfig;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.AccountExpiredException;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.MockAuthenticationManager;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.ui.rememberme.NullRememberMeServices;
import org.springframework.security.ui.rememberme.TokenBasedRememberMeServices;
import org.springframework.security.ui.savedrequest.SavedRequest;
import org.springframework.security.util.PortResolverImpl;

/* loaded from: input_file:spring-security-core-2.0.8.RELEASE-tests.jar:org/springframework/security/ui/AbstractProcessingFilterTests.class */
public class AbstractProcessingFilterTests extends TestCase {

    /* loaded from: input_file:spring-security-core-2.0.8.RELEASE-tests.jar:org/springframework/security/ui/AbstractProcessingFilterTests$MockAbstractProcessingFilter.class */
    private class MockAbstractProcessingFilter extends AbstractProcessingFilter {
        private AuthenticationException exceptionToThrow;
        private boolean grantAccess;

        public MockAbstractProcessingFilter(boolean z) {
            setRememberMeServices(new NullRememberMeServices());
            this.grantAccess = z;
            this.exceptionToThrow = new BadCredentialsException("Mock requested to do so");
        }

        public MockAbstractProcessingFilter(AuthenticationException authenticationException) {
            setRememberMeServices(new NullRememberMeServices());
            this.grantAccess = false;
            this.exceptionToThrow = authenticationException;
        }

        private MockAbstractProcessingFilter() {
        }

        @Override // org.springframework.security.ui.AbstractProcessingFilter
        public Authentication attemptAuthentication(HttpServletRequest httpServletRequest) throws AuthenticationException {
            if (this.grantAccess) {
                return new UsernamePasswordAuthenticationToken("test", "test", new GrantedAuthority[]{new GrantedAuthorityImpl("TEST")});
            }
            throw this.exceptionToThrow;
        }

        @Override // org.springframework.security.ui.AbstractProcessingFilter
        public String getDefaultFilterProcessesUrl() {
            return "/j_mock_post";
        }

        @Override // org.springframework.security.ui.AbstractProcessingFilter
        public boolean requiresAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
            return super.requiresAuthentication(httpServletRequest, httpServletResponse);
        }

        @Override // org.springframework.security.ui.SpringSecurityFilter
        public int getOrder() {
            return 0;
        }
    }

    /* loaded from: input_file:spring-security-core-2.0.8.RELEASE-tests.jar:org/springframework/security/ui/AbstractProcessingFilterTests$MockFilterChain.class */
    private class MockFilterChain implements FilterChain {
        private boolean expectToProceed;

        public MockFilterChain(boolean z) {
            this.expectToProceed = z;
        }

        public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException {
            if (this.expectToProceed) {
                Assert.assertTrue(true);
            } else {
                Assert.fail("Did not expect filter chain to proceed");
            }
        }
    }

    public AbstractProcessingFilterTests() {
    }

    public AbstractProcessingFilterTests(String str) {
        super(str);
    }

    private MockHttpServletRequest createMockRequest() {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setServletPath("/j_mock_post");
        mockHttpServletRequest.setScheme("http");
        mockHttpServletRequest.setServerName("www.example.com");
        mockHttpServletRequest.setRequestURI("/mycontext/j_mock_post");
        mockHttpServletRequest.setContextPath("/mycontext");
        return mockHttpServletRequest;
    }

    private void executeFilterInContainerSimulator(FilterConfig filterConfig, Filter filter, ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException, IOException {
        filter.init(filterConfig);
        filter.doFilter(servletRequest, servletResponse, filterChain);
        filter.destroy();
    }

    private SavedRequest makeSavedRequestForUrl() {
        MockHttpServletRequest createMockRequest = createMockRequest();
        createMockRequest.setMethod("GET");
        createMockRequest.setServletPath("/some_protected_file.html");
        createMockRequest.setScheme("http");
        createMockRequest.setServerName("www.example.com");
        createMockRequest.setRequestURI("/mycontext/some_protected_file.html");
        return new SavedRequest(createMockRequest, new PortResolverImpl());
    }

    private SavedRequest makePostSavedRequestForUrl() {
        MockHttpServletRequest createMockRequest = createMockRequest();
        createMockRequest.setServletPath("/some_protected_file.html");
        createMockRequest.setScheme("http");
        createMockRequest.setServerName("www.example.com");
        createMockRequest.setRequestURI("/mycontext/post/some_protected_file.html");
        createMockRequest.setMethod("POST");
        return new SavedRequest(createMockRequest, new PortResolverImpl());
    }

    protected void setUp() throws Exception {
        super.setUp();
        SecurityContextHolder.clearContext();
    }

    protected void tearDown() throws Exception {
        super.tearDown();
        SecurityContextHolder.clearContext();
    }

    public void testDefaultProcessesFilterUrlMatchesWithPathParameter() {
        HttpServletRequest createMockRequest = createMockRequest();
        HttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter();
        mockAbstractProcessingFilter.setFilterProcessesUrl("/j_spring_security_check");
        createMockRequest.setRequestURI("/mycontext/j_spring_security_check;jsessionid=I8MIONOSTHOR");
        assertTrue(mockAbstractProcessingFilter.requiresAuthentication(createMockRequest, mockHttpServletResponse));
    }

    public void testFailedAuthenticationRedirectsAppropriately() throws Exception {
        MockHttpServletRequest createMockRequest = createMockRequest();
        FilterConfig mockFilterConfig = new MockFilterConfig((ServletContext) null, (String) null);
        FilterChain mockFilterChain = new MockFilterChain(false);
        ServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter(false);
        mockAbstractProcessingFilter.setAuthenticationFailureUrl("/failed.jsp");
        executeFilterInContainerSimulator(mockFilterConfig, mockAbstractProcessingFilter, createMockRequest, mockHttpServletResponse, mockFilterChain);
        assertEquals("/mycontext/failed.jsp", mockHttpServletResponse.getRedirectedUrl());
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        MockAbstractProcessingFilter mockAbstractProcessingFilter2 = new MockAbstractProcessingFilter(new AccountExpiredException("You're account is expired"));
        mockAbstractProcessingFilter2.setAuthenticationFailureUrl("/failed.jsp");
        Properties exceptionMappings = mockAbstractProcessingFilter2.getExceptionMappings();
        exceptionMappings.setProperty(AccountExpiredException.class.getName(), "/accountExpired.jsp");
        mockAbstractProcessingFilter2.setExceptionMappings(exceptionMappings);
        ServletResponse mockHttpServletResponse2 = new MockHttpServletResponse();
        executeFilterInContainerSimulator(mockFilterConfig, mockAbstractProcessingFilter2, createMockRequest, mockHttpServletResponse2, mockFilterChain);
        assertEquals("/mycontext/accountExpired.jsp", mockHttpServletResponse2.getRedirectedUrl());
        assertNull(SecurityContextHolder.getContext().getAuthentication());
    }

    public void testFilterProcessesUrlVariationsRespected() throws Exception {
        MockHttpServletRequest createMockRequest = createMockRequest();
        createMockRequest.setServletPath("/j_OTHER_LOCATION");
        createMockRequest.setRequestURI("/mycontext/j_OTHER_LOCATION");
        FilterConfig mockFilterConfig = new MockFilterConfig((ServletContext) null, (String) null);
        FilterChain mockFilterChain = new MockFilterChain(false);
        ServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter(true);
        mockAbstractProcessingFilter.setFilterProcessesUrl("/j_OTHER_LOCATION");
        mockAbstractProcessingFilter.setDefaultTargetUrl("/logged_in.jsp");
        executeFilterInContainerSimulator(mockFilterConfig, mockAbstractProcessingFilter, createMockRequest, mockHttpServletResponse, mockFilterChain);
        assertEquals("/mycontext/logged_in.jsp", mockHttpServletResponse.getRedirectedUrl());
        assertNotNull(SecurityContextHolder.getContext().getAuthentication());
        assertEquals("test", SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString());
    }

    public void testGettersSetters() throws Exception {
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter();
        mockAbstractProcessingFilter.setAuthenticationManager(new MockAuthenticationManager());
        mockAbstractProcessingFilter.setDefaultTargetUrl("/default");
        mockAbstractProcessingFilter.setFilterProcessesUrl("/p");
        mockAbstractProcessingFilter.setAuthenticationFailureUrl("/fail");
        mockAbstractProcessingFilter.afterPropertiesSet();
        assertNotNull(mockAbstractProcessingFilter.getRememberMeServices());
        mockAbstractProcessingFilter.setRememberMeServices(new TokenBasedRememberMeServices());
        assertEquals(TokenBasedRememberMeServices.class, mockAbstractProcessingFilter.getRememberMeServices().getClass());
        assertTrue(mockAbstractProcessingFilter.getAuthenticationManager() != null);
        assertEquals("/default", mockAbstractProcessingFilter.getDefaultTargetUrl());
        assertEquals("/p", mockAbstractProcessingFilter.getFilterProcessesUrl());
        assertEquals("/fail", mockAbstractProcessingFilter.getAuthenticationFailureUrl());
    }

    public void testDefaultUrlMuststartWithSlashOrHttpScheme() {
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter();
        mockAbstractProcessingFilter.setDefaultTargetUrl("/acceptableRelativeUrl");
        mockAbstractProcessingFilter.setDefaultTargetUrl("http://some.site.org/index.html");
        mockAbstractProcessingFilter.setDefaultTargetUrl("https://some.site.org/index.html");
        try {
            mockAbstractProcessingFilter.setDefaultTargetUrl("missingSlash");
            fail("Shouldn't accept default target without leading slash");
        } catch (IllegalArgumentException e) {
        }
    }

    public void testIgnoresAnyServletPathOtherThanFilterProcessesUrl() throws Exception {
        MockHttpServletRequest createMockRequest = createMockRequest();
        createMockRequest.setServletPath("/some.file.html");
        createMockRequest.setRequestURI("/mycontext/some.file.html");
        MockFilterConfig mockFilterConfig = new MockFilterConfig((ServletContext) null, (String) null);
        MockFilterChain mockFilterChain = new MockFilterChain(true);
        executeFilterInContainerSimulator(mockFilterConfig, new MockAbstractProcessingFilter(false), createMockRequest, new MockHttpServletResponse(), mockFilterChain);
    }

    public void testNormalOperationWithDefaultFilterProcessesUrl() throws Exception {
        MockHttpServletRequest createMockRequest = createMockRequest();
        HttpSession session = createMockRequest.getSession();
        FilterConfig mockFilterConfig = new MockFilterConfig((ServletContext) null, (String) null);
        FilterChain mockFilterChain = new MockFilterChain(false);
        ServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter(true);
        mockAbstractProcessingFilter.setFilterProcessesUrl("/j_mock_post");
        mockAbstractProcessingFilter.setDefaultTargetUrl("/logged_in.jsp");
        mockAbstractProcessingFilter.setAuthenticationFailureUrl("/failure.jsp");
        mockAbstractProcessingFilter.setAuthenticationManager(new MockAuthenticationManager(true));
        mockAbstractProcessingFilter.afterPropertiesSet();
        executeFilterInContainerSimulator(mockFilterConfig, mockAbstractProcessingFilter, createMockRequest, mockHttpServletResponse, mockFilterChain);
        assertEquals("/mycontext/logged_in.jsp", mockHttpServletResponse.getRedirectedUrl());
        assertNotNull(SecurityContextHolder.getContext().getAuthentication());
        assertEquals("test", SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString());
        assertEquals(session, createMockRequest.getSession());
    }

    public void testStartupDetectsInvalidAuthenticationManager() throws Exception {
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter();
        mockAbstractProcessingFilter.setAuthenticationFailureUrl("/failed.jsp");
        mockAbstractProcessingFilter.setDefaultTargetUrl("/");
        mockAbstractProcessingFilter.setFilterProcessesUrl("/j_spring_security_check");
        try {
            mockAbstractProcessingFilter.afterPropertiesSet();
            fail("Should have thrown IllegalArgumentException");
        } catch (IllegalArgumentException e) {
            assertEquals("authenticationManager must be specified", e.getMessage());
        }
    }

    public void testStartupDetectsInvalidDefaultTargetUrl() throws Exception {
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter();
        mockAbstractProcessingFilter.setAuthenticationFailureUrl("/failed.jsp");
        mockAbstractProcessingFilter.setAuthenticationManager(new MockAuthenticationManager());
        mockAbstractProcessingFilter.setFilterProcessesUrl("/j_spring_security_check");
        try {
            mockAbstractProcessingFilter.afterPropertiesSet();
            fail("Should have thrown IllegalArgumentException");
        } catch (IllegalArgumentException e) {
            assertEquals("defaultTargetUrl must be specified", e.getMessage());
        }
    }

    public void testStartupDetectsInvalidFilterProcessesUrl() throws Exception {
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter();
        mockAbstractProcessingFilter.setAuthenticationFailureUrl("/failed.jsp");
        mockAbstractProcessingFilter.setAuthenticationManager(new MockAuthenticationManager());
        mockAbstractProcessingFilter.setDefaultTargetUrl("/");
        mockAbstractProcessingFilter.setFilterProcessesUrl(null);
        try {
            mockAbstractProcessingFilter.afterPropertiesSet();
            fail("Should have thrown IllegalArgumentException");
        } catch (IllegalArgumentException e) {
            assertEquals("filterProcessesUrl must be specified", e.getMessage());
        }
    }

    public void testSuccessLoginThenFailureLoginResultsInSessionLosingToken() throws Exception {
        MockHttpServletRequest createMockRequest = createMockRequest();
        FilterConfig mockFilterConfig = new MockFilterConfig((ServletContext) null, (String) null);
        FilterChain mockFilterChain = new MockFilterChain(false);
        ServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter(true);
        mockAbstractProcessingFilter.setFilterProcessesUrl("/j_mock_post");
        mockAbstractProcessingFilter.setDefaultTargetUrl("/logged_in.jsp");
        executeFilterInContainerSimulator(mockFilterConfig, mockAbstractProcessingFilter, createMockRequest, mockHttpServletResponse, mockFilterChain);
        assertEquals("/mycontext/logged_in.jsp", mockHttpServletResponse.getRedirectedUrl());
        assertNotNull(SecurityContextHolder.getContext().getAuthentication());
        assertEquals("test", SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString());
        FilterChain mockFilterChain2 = new MockFilterChain(false);
        ServletResponse mockHttpServletResponse2 = new MockHttpServletResponse();
        MockAbstractProcessingFilter mockAbstractProcessingFilter2 = new MockAbstractProcessingFilter(false);
        mockAbstractProcessingFilter2.setFilterProcessesUrl("/j_mock_post");
        mockAbstractProcessingFilter2.setAuthenticationFailureUrl("/failed.jsp");
        executeFilterInContainerSimulator(mockFilterConfig, mockAbstractProcessingFilter2, createMockRequest, mockHttpServletResponse2, mockFilterChain2);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
    }

    public void testSuccessfulAuthenticationButWithAlwaysUseDefaultTargetUrlCausesRedirectToDefaultTargetUrl() throws Exception {
        MockHttpServletRequest createMockRequest = createMockRequest();
        createMockRequest.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY, makeSavedRequestForUrl());
        FilterConfig mockFilterConfig = new MockFilterConfig((ServletContext) null, (String) null);
        FilterChain mockFilterChain = new MockFilterChain(true);
        ServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter(true);
        mockAbstractProcessingFilter.setFilterProcessesUrl("/j_mock_post");
        mockAbstractProcessingFilter.setDefaultTargetUrl("/foobar");
        assertFalse(mockAbstractProcessingFilter.isAlwaysUseDefaultTargetUrl());
        mockAbstractProcessingFilter.setAlwaysUseDefaultTargetUrl(true);
        assertTrue(mockAbstractProcessingFilter.isAlwaysUseDefaultTargetUrl());
        executeFilterInContainerSimulator(mockFilterConfig, mockAbstractProcessingFilter, createMockRequest, mockHttpServletResponse, mockFilterChain);
        assertEquals("/mycontext/foobar", mockHttpServletResponse.getRedirectedUrl());
        assertNotNull(SecurityContextHolder.getContext().getAuthentication());
    }

    public void testSuccessfulAuthenticationCausesRedirectToSessionSpecifiedUrl() throws Exception {
        MockHttpServletRequest createMockRequest = createMockRequest();
        createMockRequest.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY, makeSavedRequestForUrl());
        FilterConfig mockFilterConfig = new MockFilterConfig((ServletContext) null, (String) null);
        FilterChain mockFilterChain = new MockFilterChain(true);
        ServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter(true);
        mockAbstractProcessingFilter.setFilterProcessesUrl("/j_mock_post");
        executeFilterInContainerSimulator(mockFilterConfig, mockAbstractProcessingFilter, createMockRequest, mockHttpServletResponse, mockFilterChain);
        assertEquals(makeSavedRequestForUrl().getFullRequestUrl(), mockHttpServletResponse.getRedirectedUrl());
        assertNotNull(SecurityContextHolder.getContext().getAuthentication());
    }

    public void testSuccessfulAuthenticationCausesRedirectToDefaultTargetUrlOnPOSTSavedRequest() throws Exception {
        MockHttpServletRequest createMockRequest = createMockRequest();
        createMockRequest.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY, makePostSavedRequestForUrl());
        FilterConfig mockFilterConfig = new MockFilterConfig((ServletContext) null, (String) null);
        FilterChain mockFilterChain = new MockFilterChain(true);
        ServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter(true);
        mockAbstractProcessingFilter.setFilterProcessesUrl("/j_mock_post");
        mockAbstractProcessingFilter.setDefaultTargetUrl("/foobar");
        TargetUrlResolverImpl targetUrlResolverImpl = new TargetUrlResolverImpl();
        targetUrlResolverImpl.setJustUseSavedRequestOnGet(true);
        mockAbstractProcessingFilter.setTargetUrlResolver(targetUrlResolverImpl);
        executeFilterInContainerSimulator(mockFilterConfig, mockAbstractProcessingFilter, createMockRequest, mockHttpServletResponse, mockFilterChain);
        assertEquals("/mycontext/foobar", mockHttpServletResponse.getRedirectedUrl());
        assertNotNull(SecurityContextHolder.getContext().getAuthentication());
    }

    public void testFullDefaultTargetUrlDoesNotHaveContextPathPrepended() throws Exception {
        MockHttpServletRequest createMockRequest = createMockRequest();
        FilterConfig mockFilterConfig = new MockFilterConfig((ServletContext) null, (String) null);
        FilterChain mockFilterChain = new MockFilterChain(true);
        ServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter(true);
        mockAbstractProcessingFilter.setDefaultTargetUrl("https://monkeymachine.co.uk/");
        mockAbstractProcessingFilter.setAlwaysUseDefaultTargetUrl(true);
        executeFilterInContainerSimulator(mockFilterConfig, mockAbstractProcessingFilter, createMockRequest, mockHttpServletResponse, mockFilterChain);
        assertEquals("https://monkeymachine.co.uk/", mockHttpServletResponse.getRedirectedUrl());
        assertNotNull(SecurityContextHolder.getContext().getAuthentication());
    }

    public void testNewSessionIsCreatedIfInvalidateSessionOnSuccessfulAuthenticationIsSet() throws Exception {
        MockHttpServletRequest createMockRequest = createMockRequest();
        HttpSession session = createMockRequest.getSession();
        session.setAttribute("test", "test");
        FilterConfig mockFilterConfig = new MockFilterConfig((ServletContext) null, (String) null);
        FilterChain mockFilterChain = new MockFilterChain(true);
        ServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter(true);
        mockAbstractProcessingFilter.setInvalidateSessionOnSuccessfulAuthentication(true);
        mockAbstractProcessingFilter.setDefaultTargetUrl("http://monkeymachine.co.uk/");
        executeFilterInContainerSimulator(mockFilterConfig, mockAbstractProcessingFilter, createMockRequest, mockHttpServletResponse, mockFilterChain);
        HttpSession session2 = createMockRequest.getSession();
        assertFalse(session2.getId().equals(session.getId()));
        assertEquals("test", session2.getAttribute("test"));
    }

    public void testAttributesAreNotMigratedToNewlyCreatedSessionIfMigrateAttributesIsFalse() throws Exception {
        MockHttpServletRequest createMockRequest = createMockRequest();
        HttpSession session = createMockRequest.getSession();
        FilterConfig mockFilterConfig = new MockFilterConfig((ServletContext) null, (String) null);
        FilterChain mockFilterChain = new MockFilterChain(true);
        ServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter(true);
        mockAbstractProcessingFilter.setInvalidateSessionOnSuccessfulAuthentication(true);
        mockAbstractProcessingFilter.setMigrateInvalidatedSessionAttributes(false);
        mockAbstractProcessingFilter.setDefaultTargetUrl("http://monkeymachine.co.uk/");
        executeFilterInContainerSimulator(mockFilterConfig, mockAbstractProcessingFilter, createMockRequest, mockHttpServletResponse, mockFilterChain);
        HttpSession session2 = createMockRequest.getSession();
        assertFalse(session2.getId().equals(session.getId()));
        assertNull(session2.getAttribute("test"));
    }

    public void testNoSessionIsCreatedIfAllowSessionCreationIsFalse() throws Exception {
        MockHttpServletRequest createMockRequest = createMockRequest();
        FilterConfig mockFilterConfig = new MockFilterConfig((ServletContext) null, (String) null);
        FilterChain mockFilterChain = new MockFilterChain(true);
        ServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter(false);
        mockAbstractProcessingFilter.setAllowSessionCreation(false);
        mockAbstractProcessingFilter.setAuthenticationFailureUrl("/");
        mockAbstractProcessingFilter.setDefaultTargetUrl("http://monkeymachine.co.uk/");
        executeFilterInContainerSimulator(mockFilterConfig, mockAbstractProcessingFilter, createMockRequest, mockHttpServletResponse, mockFilterChain);
        assertNull(createMockRequest.getSession(false));
    }

    public void testLoginErrorWithNoFailureUrlSendsUnauthorizedStatus() throws Exception {
        MockHttpServletRequest createMockRequest = createMockRequest();
        FilterConfig mockFilterConfig = new MockFilterConfig((ServletContext) null, (String) null);
        FilterChain mockFilterChain = new MockFilterChain(true);
        ServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter(false);
        mockAbstractProcessingFilter.setDefaultTargetUrl("http://monkeymachine.co.uk/");
        executeFilterInContainerSimulator(mockFilterConfig, mockAbstractProcessingFilter, createMockRequest, mockHttpServletResponse, mockFilterChain);
        assertEquals(401, mockHttpServletResponse.getStatus());
    }

    public void testServerSideRedirectForwardsToFailureUrl() throws Exception {
        MockHttpServletRequest createMockRequest = createMockRequest();
        FilterConfig mockFilterConfig = new MockFilterConfig((ServletContext) null, (String) null);
        FilterChain mockFilterChain = new MockFilterChain(true);
        ServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter(false);
        mockAbstractProcessingFilter.setDefaultTargetUrl("http://monkeymachine.co.uk/");
        mockAbstractProcessingFilter.setAuthenticationFailureUrl("/error");
        mockAbstractProcessingFilter.setServerSideRedirect(true);
        executeFilterInContainerSimulator(mockFilterConfig, mockAbstractProcessingFilter, createMockRequest, mockHttpServletResponse, mockFilterChain);
        assertEquals("/error", mockHttpServletResponse.getForwardedUrl());
    }

    public void testTargetUrlParameterIsUsedIfPresent() throws Exception {
        MockHttpServletRequest createMockRequest = createMockRequest();
        createMockRequest.setParameter("targetUrl", "/target");
        FilterConfig mockFilterConfig = new MockFilterConfig((ServletContext) null, (String) null);
        FilterChain mockFilterChain = new MockFilterChain(true);
        ServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockAbstractProcessingFilter mockAbstractProcessingFilter = new MockAbstractProcessingFilter(true);
        TargetUrlResolverImpl targetUrlResolverImpl = new TargetUrlResolverImpl();
        targetUrlResolverImpl.setTargetUrlParameter("targetUrl");
        mockAbstractProcessingFilter.setTargetUrlResolver(targetUrlResolverImpl);
        mockAbstractProcessingFilter.setDefaultTargetUrl("http://monkeymachine.co.uk/");
        mockAbstractProcessingFilter.setAuthenticationFailureUrl("/error");
        executeFilterInContainerSimulator(mockFilterConfig, mockAbstractProcessingFilter, createMockRequest, mockHttpServletResponse, mockFilterChain);
        assertEquals("/mycontext/target", mockHttpServletResponse.getRedirectedUrl());
    }
}
