From 0c77c2071be345a2a76ca75920574546978141d0 Mon Sep 17 00:00:00 2001 From: Kazuki Shimizu Date: Thu, 26 Feb 2015 10:07:51 +0900 Subject: [PATCH] SEC-2880: Add a setter method to override the cookie name of remember-me --- .../web/configurers/RememberMeConfigurer.java | 14 ++++++++++++- .../NamespaceRememberMeTests.groovy | 21 ++++++++++++++++++- 2 files changed, 33 insertions(+), 2 deletions(-) diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurer.java index 91988cf741..4b40a3a1b1 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurer.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2013 the original author or authors. + * Copyright 2002-2015 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -180,6 +180,18 @@ public final class RememberMeConfigurer> extend return this; } + /** + * The name of cookie which store the token for remember me authentication. Defaults to 'remember-me'. + * + * @param rememberMeCookieName the name of cookie which store the token for remember me authentication + * @return the {@link RememberMeConfigurer} for further customization + * @since 4.0.1 + */ + public RememberMeConfigurer rememberMeCookieName(String rememberMeCookieName) { + this.rememberMeCookieName = rememberMeCookieName; + return this; + } + /** * Allows control over the destination a remembered user is sent to when they are * successfully authenticated. By default, the filter will just allow the current diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.groovy index 0df84d0620..60e3b84bb7 100644 --- a/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.groovy @@ -1,5 +1,5 @@ /* - * Copyright 2002-2013 the original author or authors. + * Copyright 2002-2015 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -270,6 +270,25 @@ public class NamespaceRememberMeTests extends BaseSpringSpec { findFilter(RememberMeAuthenticationFilter).rememberMeServices.parameter == "rememberMe" } + @Configuration + static class RememberMeCookieNameConfig extends BaseWebConfig { + protected void configure(HttpSecurity http) throws Exception { + http + .formLogin() + .and() + .rememberMe() + .rememberMeCookieName("rememberMe") + } + } + + // SEC-2880 + def "http/remember-me@remember-me-cookie"() { + when: "use custom rememberMeCookieName" + loadConfig(RememberMeCookieNameConfig) + then: "custom rememberMeCookieName will be used" + findFilter(RememberMeAuthenticationFilter).rememberMeServices.cookieName == "rememberMe" + } + @Configuration static class UseSecureCookieConfig extends BaseWebConfig { protected void configure(HttpSecurity http) throws Exception {