From d5ed97eba68292bc4ed1501bc4f915330ac8d12a Mon Sep 17 00:00:00 2001
From: Michael Cramer <michael@bigmichi1.de>
Date: Fri, 26 Sep 2014 08:44:30 +0200
Subject: [PATCH] SEC-2879: JdbcTokenRepositoryImpl updateToken should use
 lastUsed arg

---
 .../web/authentication/rememberme/JdbcTokenRepositoryImpl.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/src/main/java/org/springframework/security/web/authentication/rememberme/JdbcTokenRepositoryImpl.java b/web/src/main/java/org/springframework/security/web/authentication/rememberme/JdbcTokenRepositoryImpl.java
index db3517e4e9..5e436aabc3 100644
--- a/web/src/main/java/org/springframework/security/web/authentication/rememberme/JdbcTokenRepositoryImpl.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/rememberme/JdbcTokenRepositoryImpl.java
@@ -71,7 +71,7 @@ public class JdbcTokenRepositoryImpl extends JdbcDaoSupport implements Persisten
     }
 
     public void updateToken(String series, String tokenValue, Date lastUsed) {
-        getJdbcTemplate().update(updateTokenSql, tokenValue, new Date(), series);
+        getJdbcTemplate().update(updateTokenSql, tokenValue, lastUsed, series);
     }
 
     /**