Examples of org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices

Package org.springframework.security.web.authentication.rememberme

Examples of org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices

org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
n.com/improved_persistent_login_cookie_best_practice">Improved Persistent Login Cookie Best Practice. There is a slight modification to the described approach, in that the username is not stored as part of the cookie but obtained from the persistent store via an implementation of {@link PersistentTokenRepository}. The latter should place a unique constraint on the series identifier, so that it is impossible for the same identifier to be allocated to two different users.
User management such as changing passwords, removing users and setting user status should be combined with maintenance of the user's persistent tokens.

Note that while this class will use the date a token was created to check whether a presented cookie is older than the configured tokenValiditySeconds property and deny authentication in this case, it will not delete these tokens from storage. A suitable batch process should be run periodically to remove expired tokens from the database.
@author Luke Taylor @since 2.0

     * @return the {@link PersistentTokenBasedRememberMeServices}
     */
    private AbstractRememberMeServices createPersistentRememberMeServices(
            H http, String key) {
        UserDetailsService userDetailsService = getUserDetailsService(http);
        return new PersistentTokenBasedRememberMeServices(key,
                userDetailsService, tokenRepository);
    }

View Full Code Here

public class PersistentTokenBasedRememberMeServicesTests {
    private PersistentTokenBasedRememberMeServices services;


    @Before
    public void setUpData() throws Exception {
        services = new PersistentTokenBasedRememberMeServices("key",
                new AbstractRememberMeServicesTests.MockUserDetailsService(AbstractRememberMeServicesTests.joe, false),
                new InMemoryTokenRepositoryImpl());
        services.setCookieName("mycookiename");
        // Default to 100 days (see SEC-1081).
        services.setTokenValiditySeconds(100 * 24 * 60 * 60);

View Full Code Here

     * @return the {@link PersistentTokenBasedRememberMeServices}
     */
    private AbstractRememberMeServices createPersistentRememberMeServices(
            H http, String key) {
        UserDetailsService userDetailsService = getUserDetailsService(http);
        return new PersistentTokenBasedRememberMeServices(key,
                userDetailsService, tokenRepository);
    }

View Full Code Here

TOP

Related Classes of org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices

org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer

org.springframework.security.core.userdetails.UserDetails

org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServicesTests

java.security.SecureRandom

java.util.Date

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.