SEC-182: Remember-me compatibility with concurrent session support.
This commit is contained in:
parent
c6eacf026d
commit
0282696202
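--- a/org/acegisecurity/ui/rememberme/TokenBasedRememberMeServices.java
+++ b/org/acegisecurity/ui/rememberme/TokenBasedRememberMeServices.java
@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -16,9 +16,13 @@
 package org.acegisecurity.ui.rememberme;
 
 import org.acegisecurity.Authentication;
+
 import org.acegisecurity.providers.rememberme.RememberMeAuthenticationToken;
-import org.acegisecurity.userdetails.UserDetailsService;
+
+import org.acegisecurity.ui.WebAuthenticationDetails;
+
 import org.acegisecurity.userdetails.UserDetails;
+import org.acegisecurity.userdetails.UserDetailsService;
 import org.acegisecurity.userdetails.UsernameNotFoundException;
 
 import org.apache.commons.codec.binary.Base64;
@@ -57,11 +61,11 @@ import javax.servlet.http.HttpServletResponse;
 * </p>
 *
 * <p>
-* An {@link org.acegisecurity.userdetails.UserDetailsService} is required
-* by this implementation, so that it can construct a valid
+* An {@link org.acegisecurity.userdetails.UserDetailsService} is required by
+* this implementation, so that it can construct a valid
 * <code>Authentication</code> from the returned {@link
-* org.acegisecurity.userdetails.UserDetails}. This is also necessary so that the
-* user's password is available and can be checked as part of the encoded
+* org.acegisecurity.userdetails.UserDetails}. This is also necessary so that
+* the user's password is available and can be checked as part of the encoded
 * cookie.
 * </p>
 *
@@ -112,45 +116,13 @@ public class TokenBasedRememberMeServices implements RememberMeServices,
 
 //~ Instance fields ========================================================
 
-private UserDetailsService userDetailsService;
 private String key;
 private String parameter = DEFAULT_PARAMETER;
+private UserDetailsService userDetailsService;
 private long tokenValiditySeconds = 1209600; // 14 days
 
 //~ Methods ================================================================
 
-public void setUserDetailsService(UserDetailsService authenticationDao) {
-this.userDetailsService = authenticationDao;
-}
-
-public UserDetailsService getUserDetailsService() {
-return userDetailsService;
-}
-
-public void setKey(String key) {
-this.key = key;
-}
-
-public String getKey() {
-return key;
-}
-
-public void setParameter(String parameter) {
-this.parameter = parameter;
-}
-
-public String getParameter() {
-return parameter;
-}
-
-public void setTokenValiditySeconds(long tokenValiditySeconds) {
-this.tokenValiditySeconds = tokenValiditySeconds;
-}
-
-public long getTokenValiditySeconds() {
-return tokenValiditySeconds;
-}
-
 public void afterPropertiesSet() throws Exception {
 Assert.hasLength(key);
 Assert.hasLength(parameter);
@@ -258,8 +230,11 @@ public class TokenBasedRememberMeServices implements RememberMeServices,
 logger.debug("Remember-me cookie accepted");
 }
 
-return new RememberMeAuthenticationToken(this.key,
+RememberMeAuthenticationToken auth = new RememberMeAuthenticationToken(this.key,
 userDetails, userDetails.getAuthorities());
+auth.setDetails(new WebAuthenticationDetails(request));
+
+return auth;
 } else {
 cancelCookie(request, response,
 "Cookie token did not contain 3 tokens; decoded value was '"
@@ -280,6 +255,31 @@ public class TokenBasedRememberMeServices implements RememberMeServices,
 return null;
 }
 
+private void cancelCookie(HttpServletRequest request,
+HttpServletResponse response, String reasonForLog) {
+if ((reasonForLog != null) && logger.isDebugEnabled()) {
+logger.debug("Cancelling cookie for reason: " + reasonForLog);
+}
+
+response.addCookie(makeCancelCookie());
+}
+
+public String getKey() {
+return key;
+}
+
+public String getParameter() {
+return parameter;
+}
+
+public long getTokenValiditySeconds() {
+return tokenValiditySeconds;
+}
+
+public UserDetailsService getUserDetailsService() {
+return userDetailsService;
+}
+
 public void loginFail(HttpServletRequest request,
 HttpServletResponse response) {
 cancelCookie(request, response,
@@ -353,12 +353,19 @@ public class TokenBasedRememberMeServices implements RememberMeServices,
 return cookie;
 }
 
-private void cancelCookie(HttpServletRequest request,
-HttpServletResponse response, String reasonForLog) {
-if ((reasonForLog != null) && logger.isDebugEnabled()) {
-logger.debug("Cancelling cookie for reason: " + reasonForLog);
-}
+public void setKey(String key) {
+this.key = key;
+}
 
-response.addCookie(makeCancelCookie());
+public void setParameter(String parameter) {
+this.parameter = parameter;
+}
+
+public void setTokenValiditySeconds(long tokenValiditySeconds) {
+this.tokenValiditySeconds = tokenValiditySeconds;
+}
+
+public void setUserDetailsService(UserDetailsService authenticationDao) {
+this.userDetailsService = authenticationDao;
 }
 }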
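Review bot: In the -258,8 hunk the accepted-cookie branch now attaches `new WebAuthenticationDetails(request)` to the returned token, but neither that method nor the class Javadoc that this same commit reflows in the -57,11 hunk records why; a sentence such as `Tokens returned from a successful cookie check carry WebAuthenticationDetails built from the request, so session-aware components can treat a remember-me login like an interactive one.` would preserve the SEC-182 intent for the next maintainer. The enclosing method's signature and tail lie outside that hunk (it appears to be the RememberMeServices autoLogin implementation, judging by the "Remember-me cookie accepted" path). Whether constructing WebAuthenticationDetails forces an HTTP session to be created on a request that has none depends on its constructor, which is not part of this diff; since this code path runs on every request carrying the cookie, that is worth confirming before concurrent-session accounting relies on the details being populated.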