Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-365: Provide an alwaysRemember property, together with an abstract method so subclasses can determine custom behaviour.

This commit is contained in:
Ben Alex 2006-11-12 23:28:57 +00:00
parent 71eba94cf2
commit f28ce39bde
1 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
core/src/main/java/org/acegisecurity/ui/rememberme/TokenBasedRememberMeServices.java
View File

@ -90,6 +90,7 @@ public class TokenBasedRememberMeServices implements RememberMeServices, Initial
private String parameter = DEFAULT_PARAMETER; private String parameter = DEFAULT_PARAMETER;
private UserDetailsService userDetailsService; private UserDetailsService userDetailsService;
private long tokenValiditySeconds = 1209600; // 14 days private long tokenValiditySeconds = 1209600; // 14 days
private boolean alwaysRemember = false;
//~ Methods ======================================================================================================== //~ Methods ========================================================================================================
@ -238,10 +239,18 @@ public class TokenBasedRememberMeServices implements RememberMeServices, Initial
cancelCookie(request, response, "Interactive authentication attempt was unsuccessful"); cancelCookie(request, response, "Interactive authentication attempt was unsuccessful");
} }
protected boolean rememberMeRequested(HttpServletRequest request, String parameter) {
if (alwaysRemember) {
return true;
}
return RequestUtils.getBooleanParameter(request, parameter, false);
}
public void loginSuccess(HttpServletRequest request, HttpServletResponse response, public void loginSuccess(HttpServletRequest request, HttpServletResponse response,
Authentication successfulAuthentication) { Authentication successfulAuthentication) {
// Exit if the principal hasn't asked to be remembered // Exit if the principal hasn't asked to be remembered
if (!RequestUtils.getBooleanParameter(request, parameter, false)) { if (!rememberMeRequested(request, parameter)) {
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
logger.debug("Did not send remember-me cookie (principal did not set parameter '" + this.parameter logger.debug("Did not send remember-me cookie (principal did not set parameter '" + this.parameter
+ "')"); + "')");
@ -322,4 +331,12 @@ public class TokenBasedRememberMeServices implements RememberMeServices, Initial
public void setUserDetailsService(UserDetailsService userDetailsService) { public void setUserDetailsService(UserDetailsService userDetailsService) {
this.userDetailsService = userDetailsService; this.userDetailsService = userDetailsService;
} }
public boolean isAlwaysRemember() {
return alwaysRemember;
}
public void setAlwaysRemember(boolean alwaysRemember) {
this.alwaysRemember = alwaysRemember;
}
} }