Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-29 07:12:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-2880: Add a setter method to override the cookie name of remember-me

Browse Source
This commit is contained in:
Kazuki Shimizu 2015-02-26 10:07:51 +09:00 committed by Rob Winch
parent ec89fdcfaa
commit 0c77c2071b
2 changed files with 33 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
config/src/main/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurer.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2013 the original author or authors. * Copyright 2002-2015 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -180,6 +180,18 @@ public final class RememberMeConfigurer<H extends HttpSecurityBuilder<H>> extend
return this; return this;
} }
/**
* The name of cookie which store the token for remember me authentication. Defaults to 'remember-me'.
*
* @param rememberMeCookieName the name of cookie which store the token for remember me authentication
* @return the {@link RememberMeConfigurer} for further customization
* @since 4.0.1
*/
public RememberMeConfigurer<H> rememberMeCookieName(String rememberMeCookieName) {
this.rememberMeCookieName = rememberMeCookieName;
return this;
}
/** /**
* Allows control over the destination a remembered user is sent to when they are * Allows control over the destination a remembered user is sent to when they are
* successfully authenticated. By default, the filter will just allow the current * successfully authenticated. By default, the filter will just allow the current

21
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.groovy
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2013 the original author or authors. * Copyright 2002-2015 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -270,6 +270,25 @@ public class NamespaceRememberMeTests extends BaseSpringSpec {
findFilter(RememberMeAuthenticationFilter).rememberMeServices.parameter == "rememberMe" findFilter(RememberMeAuthenticationFilter).rememberMeServices.parameter == "rememberMe"
} }
@Configuration
static class RememberMeCookieNameConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) throws Exception {
http
.formLogin()
.and()
.rememberMe()
.rememberMeCookieName("rememberMe")
}
}
// SEC-2880
def "http/remember-me@remember-me-cookie"() {
when: "use custom rememberMeCookieName"
loadConfig(RememberMeCookieNameConfig)
then: "custom rememberMeCookieName will be used"
findFilter(RememberMeAuthenticationFilter).rememberMeServices.cookieName == "rememberMe"
}
@Configuration @Configuration
static class UseSecureCookieConfig extends BaseWebConfig { static class UseSecureCookieConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {