/** * Invokes the GC several times and verifies that the object referenced by the weak reference was garbage collected. */ @SuppressWarnings("squid:S1215") public static void assertGC(WeakReference<?> ref) { int maxRuns = 50; for (int i = 0; i < maxRuns; i++) { if (ref.get() == null) { return; } System.gc(); SleepUtil.sleepSafe(50, TimeUnit.MILLISECONDS); } Assert.fail("Potential memory leak, object " + ref.get() + "still exists after gc"); }
/** * Method invoked if the user could not be verified, or the user's credential was wrong. */ protected void handleForbidden(final int status, final HttpServletResponse resp) throws IOException { if (status == ICredentialVerifier.AUTH_CREDENTIALS_REQUIRED) { resp.addHeader(ServletFilterHelper.HTTP_HEADER_WWW_AUTHENTICATE, ServletFilterHelper.HTTP_BASIC_AUTH_NAME); resp.sendError(HttpServletResponse.SC_UNAUTHORIZED); } else { if (m_config.getStatus403WaitMillis() > 0L) { SleepUtil.sleepSafe(m_config.getStatus403WaitMillis(), TimeUnit.MILLISECONDS); } resp.sendError(HttpServletResponse.SC_FORBIDDEN); } }
/** * Method invoked if the user could not be verified. The default implementation waits some time to address brute-force * attacks, and sets a 403 HTTP status code. * * @param status * is a {@link ICredentialVerifier} AUTH_* constant * @param response */ protected void handleForbidden(final int status, final HttpServletResponse response) throws IOException { if (m_config.getStatus403WaitMillis() > 0L) { SleepUtil.sleepSafe(m_config.getStatus403WaitMillis(), TimeUnit.MILLISECONDS); } response.sendError(HttpServletResponse.SC_FORBIDDEN); }
SleepUtil.sleepSafe(10, TimeUnit.SECONDS); // sleep some time before connecting anew