From f45c0944efbc895f5e2f898bf2fcbb21702655ea Mon Sep 17 00:00:00 2001
From: Ben Alex
Date: Wed, 23 May 2007 06:45:45 +0000
Subject: [PATCH] SEC-478: Handle incorrect Base64 cookie encoding.
---
 .../ui/rememberme/TokenBasedRememberMeServices.java | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/core/src/main/java/org/acegisecurity/ui/rememberme/TokenBasedRememberMeServices.java b/core/src/main/java/org/acegisecurity/ui/rememberme/TokenBasedRememberMeServices.java
index 86fd251a6f..1e7cf23ba1 100644
--- a/core/src/main/java/org/acegisecurity/ui/rememberme/TokenBasedRememberMeServices.java
+++ b/core/src/main/java/org/acegisecurity/ui/rememberme/TokenBasedRememberMeServices.java
@@ -118,6 +118,10 @@ public class TokenBasedRememberMeServices implements RememberMeServices, Initial
 if (ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY.equals(cookies[i].getName())) {
 String cookieValue = cookies[i].getValue();
+ for (int j = 0; j < cookieValue.length() % 4; j++) {
+ cookieValue = cookieValue + "=";
+ }
+
 if (Base64.isArrayByteBase64(cookieValue.getBytes())) {
 if (logger.isDebugEnabled()) {
 logger.debug("Remember-me cookie detected");
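Review bot: The padding loop added after `String cookieValue = cookies[i].getValue();` is only correct because its bound `cookieValue.length() % 4` is re-evaluated as the string grows; read literally it looks like it appends `length % 4` characters, which would be wrong for remainders 1 and 3. Writing it as `while (cookieValue.length() % 4 != 0) { cookieValue = cookieValue + "="; }` states the intent directly, and it deserves a comment such as `// Re-add Base64 padding missing from the cookie value`. A remainder of 1 can never be valid Base64, yet it is padded with three `=` and still handed to `Base64.isArrayByteBase64`, so this client-supplied value would arguably be better rejected at that point than repaired; whether the later decode and signature check cope with it is not visible here. The enclosing method starts and ends outside the hunk.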