Merge pull request #19 from corsoft/master

Initial commit of Persisted Remember-Me Example

spring-security-mvc-persisted-remember-me/.gitignore

@@ -0,0 +1,16 @@
+# Eclipse
+.classpath
+.project
+.settings/
+
+# Intellij
+.idea/
+*.iml
+*.iws
+
+# Mac
+.DS_Store
+
+# Maven
+log/
+target/

spring-security-mvc-persisted-remember-me/README.md

@@ -0,0 +1,15 @@
+=========
+
+## Spring Security Persisted Remember Me Example Project
+
+
+### Relevant Articles: 
+- [Spring Security Persisted Remember Me]
+- [Spring Security Remember Me](http://www.baeldung.com/spring-security-remember-me)
+- [Redirect to different pages after Login with Spring Security](http://www.baeldung.com/spring_redirect_after_login)
+
+
+### Build the Project
+```
+mvn clean install
+```

spring-security-mvc-persisted-remember-me/pom.xml

@@ -0,0 +1,300 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<groupId>org.baeldung</groupId>
+	<artifactId>spring-security-mvc-persisted-remember-me</artifactId>
+	<version>0.1-SNAPSHOT</version>
+
+	<name>spring-security-mvc-persisted-remember-me</name>
+	<packaging>war</packaging>
+
+	<dependencies>
+
+		<!-- Spring Security -->
+
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-web</artifactId>
+			<version>${org.springframework.security.version}</version>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-config</artifactId>
+			<version>${org.springframework.security.version}</version>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-taglibs</artifactId>
+			<version>${org.springframework.security.version}</version>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework</groupId>
+			<artifactId>spring-orm</artifactId>
+			<version>${org.springframework.version}</version>
+		</dependency>
+
+		<!-- Spring -->
+
+		<dependency>
+			<groupId>org.springframework</groupId>
+			<artifactId>spring-core</artifactId>
+			<version>${org.springframework.version}</version>
+			<exclusions>
+			    <exclusion>
+			        <artifactId>commons-logging</artifactId>
+			        <groupId>commons-logging</groupId>
+			    </exclusion>
+			</exclusions>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework</groupId>
+			<artifactId>spring-context</artifactId>
+			<version>${org.springframework.version}</version>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework</groupId>
+			<artifactId>spring-jdbc</artifactId>
+			<version>${org.springframework.version}</version>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework</groupId>
+			<artifactId>spring-beans</artifactId>
+			<version>${org.springframework.version}</version>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework</groupId>
+			<artifactId>spring-aop</artifactId>
+			<version>${org.springframework.version}</version>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework</groupId>
+			<artifactId>spring-tx</artifactId>
+			<version>${org.springframework.version}</version>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework</groupId>
+			<artifactId>spring-expression</artifactId>
+			<version>${org.springframework.version}</version>
+		</dependency>
+
+		<dependency>
+			<groupId>org.springframework</groupId>
+			<artifactId>spring-web</artifactId>
+			<version>${org.springframework.version}</version>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework</groupId>
+			<artifactId>spring-webmvc</artifactId>
+			<version>${org.springframework.version}</version>
+		</dependency>
+
+		<!-- web -->
+
+		<dependency>
+			<groupId>javax.servlet</groupId>
+			<artifactId>javax.servlet-api</artifactId>
+			<version>3.0.1</version>
+			<scope>provided</scope>
+		</dependency>
+
+		<dependency>
+			<groupId>javax.servlet</groupId>
+			<artifactId>jstl</artifactId>
+			<version>1.2</version>
+			<scope>runtime</scope>
+		</dependency>
+		
+		<!-- persistence -->
+		
+		<dependency>
+			<groupId>com.h2database</groupId>
+			<artifactId>h2</artifactId>
+			<version>1.4.178</version>
+		</dependency>
+
+		<dependency>
+			<groupId>postgresql</groupId>
+			<artifactId>postgresql</artifactId>
+			<version>9.1-901.jdbc4</version>
+			<scope>runtime</scope>
+		</dependency>
+		
+		<!-- utils -->
+
+		<dependency>
+			<groupId>com.google.guava</groupId>
+			<artifactId>guava</artifactId>
+			<version>${guava.version}</version>
+		</dependency>
+		
+
+		<!-- ops -->
+
+		<!-- <dependency> -->
+		<!-- <groupId>com.codahale.metrics</groupId> -->
+		<!-- <artifactId>metrics-core</artifactId> -->
+		<!-- <version>3.0.1</version> -->
+		<!-- </dependency> -->
+
+		<!-- logging -->
+
+		<dependency>
+			<groupId>org.slf4j</groupId>
+			<artifactId>slf4j-api</artifactId>
+			<version>${org.slf4j.version}</version>
+		</dependency>
+		<dependency>
+			<groupId>ch.qos.logback</groupId>
+			<artifactId>logback-classic</artifactId>
+			<version>${logback.version}</version>
+			<!-- <scope>runtime</scope> -->
+		</dependency>
+		<dependency>
+			<groupId>org.slf4j</groupId>
+			<artifactId>jcl-over-slf4j</artifactId>
+			<version>${org.slf4j.version}</version>
+			<!-- <scope>runtime</scope> --> <!-- some spring dependencies need to compile against jcl -->
+		</dependency>
+		<dependency> <!-- needed to bridge to slf4j for projects that use the log4j APIs directly -->
+			<groupId>org.slf4j</groupId>
+			<artifactId>log4j-over-slf4j</artifactId>
+			<version>${org.slf4j.version}</version>
+		</dependency>
+		
+		<!-- test scoped -->
+
+		<dependency>
+			<groupId>junit</groupId>
+			<artifactId>junit-dep</artifactId>
+			<version>${junit.version}</version>
+			<scope>test</scope>
+		</dependency>
+
+		<dependency>
+			<groupId>org.hamcrest</groupId>
+			<artifactId>hamcrest-core</artifactId>
+			<version>${org.hamcrest.version}</version>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.hamcrest</groupId>
+			<artifactId>hamcrest-library</artifactId>
+			<version>${org.hamcrest.version}</version>
+			<scope>test</scope>
+		</dependency>
+
+		<dependency>
+			<groupId>org.mockito</groupId>
+			<artifactId>mockito-core</artifactId>
+			<version>${mockito.version}</version>
+			<scope>test</scope>
+		</dependency>
+
+	</dependencies>
+
+	<build>
+		<finalName>spring-security-mvc-persisted-remember-me</finalName>
+		<resources>
+			<resource>
+				<directory>src/main/resources</directory>
+				<filtering>true</filtering>
+			</resource>
+		</resources>
+
+		<plugins>
+
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-compiler-plugin</artifactId>
+				<version>${maven-compiler-plugin.version}</version>
+				<configuration>
+					<source>1.7</source>
+					<target>1.7</target>
+				</configuration>
+			</plugin>
+
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-war-plugin</artifactId>
+				<version>${maven-war-plugin.version}</version>
+			</plugin>
+
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-surefire-plugin</artifactId>
+				<version>${maven-surefire-plugin.version}</version>
+				<configuration>
+					<excludes>
+						<!-- <exclude>**/*ProductionTest.java</exclude> -->
+					</excludes>
+					<systemPropertyVariables>
+						<!-- <provPersistenceTarget>h2</provPersistenceTarget> -->
+					</systemPropertyVariables>
+				</configuration>
+			</plugin>
+
+			<plugin>
+				<groupId>org.codehaus.cargo</groupId>
+				<artifactId>cargo-maven2-plugin</artifactId>
+				<version>${cargo-maven2-plugin.version}</version>
+				<configuration>
+					<wait>true</wait>
+					<container>
+						<containerId>jetty8x</containerId>
+						<type>embedded</type>
+						<systemProperties>
+							<!-- <provPersistenceTarget>cargo</provPersistenceTarget> -->
+						</systemProperties>
+					</container>
+					<configuration>
+						<properties>
+							<cargo.servlet.port>8082</cargo.servlet.port>
+						</properties>
+					</configuration>
+				</configuration>
+			</plugin>
+
+		</plugins>
+
+	</build>
+
+	<properties>
+		<!-- Spring -->
+		<org.springframework.version>4.0.5.RELEASE</org.springframework.version>
+		<org.springframework.security.version>3.2.4.RELEASE</org.springframework.security.version>
+
+		<!-- persistence -->
+		<hibernate.version>4.3.5.Final</hibernate.version>
+		<mysql-connector-java.version>5.1.30</mysql-connector-java.version>
+
+		<!-- logging -->
+		<org.slf4j.version>1.7.6</org.slf4j.version>
+		<logback.version>1.1.1</logback.version>
+
+		<!-- various -->
+		<hibernate-validator.version>5.1.1.Final</hibernate-validator.version>
+
+		<!-- util -->
+		<guava.version>17.0</guava.version>
+		<commons-lang3.version>3.3.2</commons-lang3.version>
+
+		<!-- testing -->
+		<org.hamcrest.version>1.3</org.hamcrest.version>
+		<junit.version>4.11</junit.version>
+		<mockito.version>1.9.5</mockito.version>
+
+		<httpclient.version>4.3.3</httpclient.version>
+		<httpcore.version>4.3.2</httpcore.version>
+
+		<rest-assured.version>2.3.1</rest-assured.version>
+
+		<!-- Maven plugins -->
+		<maven-compiler-plugin.version>3.1</maven-compiler-plugin.version>
+		<maven-war-plugin.version>2.4</maven-war-plugin.version>
+		<maven-surefire-plugin.version>2.17</maven-surefire-plugin.version>
+		<maven-resources-plugin.version>2.6</maven-resources-plugin.version>
+		<cargo-maven2-plugin.version>1.4.8</cargo-maven2-plugin.version>
+
+	</properties>
+
+</project>

spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/security/MySimpleUrlAuthenticationSuccessHandler.java

@@ -0,0 +1,97 @@
+package org.baeldung.security;
+
+import java.io.IOException;
+import java.util.Collection;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.web.DefaultRedirectStrategy;
+import org.springframework.security.web.RedirectStrategy;
+import org.springframework.security.web.WebAttributes;
+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
+import org.springframework.stereotype.Component;
+
+@Component(value="mySimpleUrlAuthenticationSuccessHandler")
+public class MySimpleUrlAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
+	
+    private final Log logger = LogFactory.getLog(this.getClass());
+
+    private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
+
+    protected MySimpleUrlAuthenticationSuccessHandler() {
+        super();
+    }
+
+    // API
+
+    @Override
+    public void onAuthenticationSuccess(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) throws IOException {
+        handle(request, response, authentication);
+        clearAuthenticationAttributes(request);
+    }
+
+    // IMPL
+
+    protected void handle(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) throws IOException {
+        final String targetUrl = determineTargetUrl(authentication);
+
+        if (response.isCommitted()) {
+            logger.debug("Response has already been committed. Unable to redirect to " + targetUrl);
+            return;
+        }
+
+        redirectStrategy.sendRedirect(request, response, targetUrl);
+    }
+
+    protected String determineTargetUrl(final Authentication authentication) {
+        boolean isUser = false;
+        boolean isAdmin = false;
+        final Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
+        for (final GrantedAuthority grantedAuthority : authorities) {
+            if (grantedAuthority.getAuthority().equals("ROLE_USER")) {
+                isUser = true;
+                break;
+            } else if (grantedAuthority.getAuthority().equals("ROLE_ADMIN")) {
+                isAdmin = true;
+                break;
+            }
+        }
+
+        if (isUser) {
+            return "/homepage.html";
+        } else if (isAdmin) {
+            return "/console.html";
+        } else {
+            throw new IllegalStateException();
+        }
+    }
+
+    /**
+     * Removes temporary authentication-related data which may have been stored in the session
+     * during the authentication process.
+     */
+    protected final void clearAuthenticationAttributes(final HttpServletRequest request) {
+        final HttpSession session = request.getSession(false);
+
+        if (session == null) {
+            return;
+        }
+
+        session.removeAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
+    }
+
+    public void setRedirectStrategy(final RedirectStrategy redirectStrategy) {
+        this.redirectStrategy = redirectStrategy;
+    }
+
+    protected RedirectStrategy getRedirectStrategy() {
+        return redirectStrategy;
+    }
+
+}

spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/security/SecurityWebApplicationInitializer.java

@@ -0,0 +1,11 @@
+package org.baeldung.security;
+
+import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;
+
+/**
+ * Registers the springSecurityFilterChain Filter for every URL in the application. 
+ *
+ */
+public class SecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer{
+
+}

spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/service/MyUserDetailsService.java

@@ -0,0 +1,62 @@
+package org.baeldung.service;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+/**
+ * User Details Service - hard coded to two users for the example.
+ */
+@Service
+public class MyUserDetailsService implements UserDetailsService {
+
+	private final Log logger = LogFactory.getLog(this.getClass());
+
+	private Map<String, User> availableUsers = new HashMap<String, User>();
+
+	public MyUserDetailsService() {
+
+		availableUsers.put("user",
+				createUser("user", "password", Arrays.asList("ROLE_USER")));
+		availableUsers.put("admin",
+				createUser("admin", "password", Arrays.asList("ROLE_ADMIN")));
+	}
+
+	@Override
+	public UserDetails loadUserByUsername(String username)
+			throws UsernameNotFoundException {
+
+		logger.info("Load user by username " + username);
+
+		UserDetails user = availableUsers.get(username);
+		if (user == null) {
+			throw new UsernameNotFoundException("Username not found");
+		} else {
+			return availableUsers.get(username);
+		}
+
+	}
+
+	private User createUser(String username, String password, List<String> roles) {
+
+		logger.info("Create user " + username);
+
+		List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
+		for (String role : roles) {
+			authorities.add(new SimpleGrantedAuthority(role));
+		}
+		return new User(username, password, true, true, true, true, authorities);
+	}
+}

spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/spring/DatabaseConfig.java

@@ -0,0 +1,35 @@
+package org.baeldung.spring;
+
+import javax.sql.DataSource;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.core.env.Environment;
+import org.springframework.jdbc.datasource.DriverManagerDataSource;
+import org.springframework.transaction.annotation.EnableTransactionManagement;
+
+import com.google.common.base.Preconditions;
+
+/**
+ * Spring Database Configuration.
+ */
+@Configuration
+@EnableTransactionManagement
+@PropertySource({ "classpath:persistence-h2.properties" })
+public class DatabaseConfig {
+
+	@Autowired
+    private Environment env;
+
+	@Bean
+    public DataSource dataSource() {
+        final DriverManagerDataSource dataSource = new DriverManagerDataSource();
+        dataSource.setDriverClassName(Preconditions.checkNotNull(env.getProperty("jdbc.driverClassName")));
+        dataSource.setUrl(Preconditions.checkNotNull(env.getProperty("jdbc.url")));
+        dataSource.setUsername(Preconditions.checkNotNull(env.getProperty("jdbc.user")));
+        dataSource.setPassword(Preconditions.checkNotNull(env.getProperty("jdbc.pass")));
+        return dataSource;
+    }
+}

spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/spring/MvcConfig.java

@@ -0,0 +1,42 @@
+package org.baeldung.spring;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.ViewResolver;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
+import org.springframework.web.servlet.view.InternalResourceViewResolver;
+import org.springframework.web.servlet.view.JstlView;
+
+/**
+ * Spring Web Configuration.
+ */
+@EnableWebMvc
+@ComponentScan("org.baeldung")
+@Configuration
+public class MvcConfig extends WebMvcConfigurerAdapter {
+
+    public MvcConfig() {
+        super();
+    }
+
+    @Override
+    public void addViewControllers(final ViewControllerRegistry registry) {
+        super.addViewControllers(registry);
+        registry.addViewController("/anonymous.html");
+        registry.addViewController("/login.html");
+        registry.addViewController("/homepage.html");
+        registry.addViewController("/console.html");
+    }
+
+    @Bean
+    public ViewResolver viewResolver() {
+        final InternalResourceViewResolver bean = new InternalResourceViewResolver();
+        bean.setViewClass(JstlView.class);
+        bean.setPrefix("/WEB-INF/view/");
+        bean.setSuffix(".jsp");
+        return bean;
+    }
+}

spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/spring/SecurityConfig.java

@@ -0,0 +1,20 @@
+package org.baeldung.spring;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.ImportResource;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+/**
+ * Spring Security Configuration.
+ */
+@Configuration
+@EnableWebSecurity
+@ImportResource({ "classpath:webSecurityConfig.xml" })
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+	public SecurityConfig() {
+		super();
+	}
+
+}

spring-security-mvc-persisted-remember-me/src/main/resources/logback.xml

@@ -0,0 +1,20 @@
+<configuration>
+
+	<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+		<encoder>
+			<pattern>web - %date [%thread] %-5level %logger{36} - %message%n
+			</pattern>
+		</encoder>
+	</appender>
+
+	<logger name="org.springframework" level="WARN" />
+	<logger name="org.springframework.transaction" level="WARN" />
+
+	<!-- in order to debug some marshalling issues, this needs to be TRACE -->
+	<logger name="org.springframework.web.servlet.mvc" level="WARN" />
+
+	<root level="INFO">
+		<appender-ref ref="STDOUT" />
+	</root>
+
+</configuration>

spring-security-mvc-persisted-remember-me/src/main/resources/persistence-h2.properties

@@ -0,0 +1,11 @@
+# jdbc.X
+jdbc.driverClassName=org.h2.Driver
+jdbc.url=jdbc:h2:tcp://localhost/~/test
+
+jdbc.user=sa
+jdbc.pass=
+
+# hibernate.X
+hibernate.dialect=org.hibernate.dialect.H2Dialect
+hibernate.show_sql=false
+hibernate.hbm2ddl.auto=create-drop

spring-security-mvc-persisted-remember-me/src/main/resources/persistence-postgres.properties

@@ -0,0 +1,11 @@
+# jdbc.X
+jdbc.driverClassName=org.postgresql.Driver
+jdbc.url=jdbc:postgresql://localhost:5432
+
+jdbc.user=postgres
+jdbc.pass=
+
+# hibernate.X
+hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect
+hibernate.show_sql=false
+hibernate.hbm2ddl.auto=create-drop

spring-security-mvc-persisted-remember-me/src/main/resources/webSecurityConfig.xml

@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans:beans xmlns="http://www.springframework.org/schema/security" 
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
+	xmlns:beans="http://www.springframework.org/schema/beans"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:p="http://www.springframework.org/schema/p"
+	xmlns:util="http://www.springframework.org/schema/util"
+    xsi:schemaLocation="
+		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd
+		http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.2.xsd">
+
+
+    <http use-expressions="true">
+
+        <intercept-url pattern="/anonymous*" access="isAnonymous()" />
+        <intercept-url pattern="/login*" access="permitAll" />
+        <intercept-url pattern="/**" access="isAuthenticated()" />
+
+        <form-login login-page='/login.html' authentication-success-handler-ref="mySimpleUrlAuthenticationSuccessHandler" authentication-failure-url="/login.html?error=true" />
+
+        <logout delete-cookies="JSESSIONID" />
+
+		<remember-me data-source-ref="dataSource" token-validity-seconds="86400"/>
+
+    </http>
+
+
+
+
+	<beans:bean id="rememberMeAuthenticationProvider" class="org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices">
+		<beans:property name="key" value="myAppKey" />
+		<beans:property name="tokenRepository" ref="jdbcTokenRepository" />
+ 		<beans:property name="userDetailsService" ref="myUserDetailsService" />
+ 	</beans:bean>
+ 	
+ 	<!-- Uses a database table to maintain a set of persistent login data --> 
+	<beans:bean id="jdbcTokenRepository" class="org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl"> 
+	    <beans:property name="createTableOnStartup" value="false" /> 
+	    <beans:property name="dataSource" ref="dataSource" /> 
+	</beans:bean> 
+
+	
+	<authentication-manager alias="authenticationManager">
+	    <authentication-provider user-service-ref="myUserDetailsService">
+	    </authentication-provider>
+	</authentication-manager>
+
+
+ 
+</beans:beans>

spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/mvc-servlet.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd" >
+
+</beans>

spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/view/anonymous.jsp

@@ -0,0 +1,10 @@
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<html>
+<head></head>
+
+<body>
+	<h1>Anonymous page</h1>
+
+	<a href="<c:url value="/login.html" />">To Login</a>
+</body>
+</html>

spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/view/console.jsp

@@ -0,0 +1,22 @@
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags" %>
+<html>
+<head></head>
+
+<body>
+	<h1>This is the landing page for the admin</h1>
+
+	<security:authorize access="hasRole('ROLE_USER')">
+		This text is only visible to a user
+		<br/>
+	</security:authorize>
+	
+	<security:authorize access="hasRole('ROLE_ADMIN')">
+		This text is only visible to an admin
+		<br/>
+	</security:authorize>
+
+	<a href="<c:url value="/j_spring_security_logout" />">Logout</a>
+	
+</body>
+</html>

spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/view/homepage.jsp

@@ -0,0 +1,22 @@
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags"%>
+<html>
+<head></head>
+
+<body>
+	<h1>This is the homepage for the user</h1>
+
+	<security:authorize access="hasRole('ROLE_USER')">
+		This text is only visible to a user
+		<br />
+	</security:authorize>
+
+	<security:authorize access="hasRole('ROLE_ADMIN')">
+		This text is only visible to an admin
+		<br />
+	</security:authorize>
+
+	<a href="<c:url value="/j_spring_security_logout" />">Logout</a>
+
+</body>
+</html>

spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/view/login.jsp

@@ -0,0 +1,30 @@
+<html>
+<head></head>
+
+<body>
+	<h1>Login</h1>
+
+	<form name='f' action="j_spring_security_check" method='POST'>
+
+		<table>
+			<tr>
+				<td>User:</td>
+				<td><input type='text' name='j_username' value=''></td>
+			</tr>
+			<tr>
+				<td>Password:</td>
+				<td><input type='password' name='j_password' /></td>
+			</tr>
+			<tr>
+				<td>Remember Me:</td>
+				<td><input type="checkbox" name="_spring_security_remember_me" /></td>
+			</tr>
+			<tr>
+				<td><input name="submit" type="submit" value="submit" /></td>
+			</tr>
+		</table>
+
+	</form>
+
+</body>
+</html>

spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/web.xml

@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+    xsi:schemaLocation="
+      http://java.sun.com/xml/ns/javaee
+      http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
+
+    <display-name>Spring MVC Custom Application</display-name>
+
+    <session-config>
+        <session-timeout>1</session-timeout>
+    </session-config>
+
+    <!-- Spring root -->
+    <context-param>
+        <param-name>contextClass</param-name>
+        <param-value>
+        	org.springframework.web.context.support.AnnotationConfigWebApplicationContext
+        </param-value>
+    </context-param>
+    <context-param>
+        <param-name>contextConfigLocation</param-name>
+        <param-value>org.baeldung.spring</param-value>
+    </context-param>
+
+    <listener>
+        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
+    </listener>
+
+    <!-- Spring child -->
+    <servlet>
+        <servlet-name>mvc</servlet-name>
+        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
+        <load-on-startup>1</load-on-startup>
+    </servlet>
+    <servlet-mapping>
+        <servlet-name>mvc</servlet-name>
+        <url-pattern>/</url-pattern>
+    </servlet-mapping>
+
+    <!-- Spring Security 
+    <filter>
+        <filter-name>springSecurityFilterChain</filter-name>
+        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>springSecurityFilterChain</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
+    -->
+
+    <!-- <welcome-file-list> -->
+    <!-- <welcome-file>index.html</welcome-file> -->
+    <!-- </welcome-file-list> -->
+
+</web-app>

spring-security-mvc-persisted-remember-me/src/test/resources/.gitignore

@@ -0,0 +1,13 @@
+*.class
+
+#folders#
+/target
+/neoDb*
+/data
+/src/main/webapp/WEB-INF/classes
+*/META-INF/*
+
+# Packaged files #
+*.jar
+*.war
+*.ear