记住我-春季安全

发布于 2024-10-23 18:40:31 字数 1107 浏览 2 评论 0原文

我目前正在尝试在我的网站中实现“记住我”功能。以下是我的配置的一部分

<security:remember-me services-ref="rememberMeServices" />  
<bean id="rememberMeServices" class="com.entertainment.ecom.web.auth.EcomRemembe rMeServices">  
<property name="userDetailsService" ref="ecomUserDetailsService"/>  
<property name="key" value="a23eef6dfd1514cb885f47070380ff18"/>  
<property name="cookieName" value="ENTC"/>  
<property name="tokenValiditySeconds" value="80000"/>  
</bean>

My EcomRememberMeServices extends AbstractRememberMeServices &我已经重写了 onLoginFail & onLoginSuccess 方法。我的问题是，从哪里调用我的 onLoginSuccess() 方法？

我尝试运行上面的配置&可以看到 onLoginFail 通过 RememberMeAuthenticationFilter(rememberMeServices.loginFail(request, response)) 被调用，但是当我检查此过滤器的源代码时，我找不到任何调用onLoginSuccess() 或 loginSuccess() 方法。那么我需要明确地调用它吗？

在BasicAuthenticationFilter中，调用了该方法。所以我尝试使用它，但仍然不起作用。（）。那么有人可以帮我吗？

原文

I am currently trying to implement remember me functionality in my website. Following is part of my configuration

<security:remember-me services-ref="rememberMeServices" />  
<bean id="rememberMeServices" class="com.entertainment.ecom.web.auth.EcomRemembe rMeServices">  
<property name="userDetailsService" ref="ecomUserDetailsService"/>  
<property name="key" value="a23eef6dfd1514cb885f47070380ff18"/>  
<property name="cookieName" value="ENTC"/>  
<property name="tokenValiditySeconds" value="80000"/>  
</bean>

My EcomRememberMeServices extends AbstractRememberMeServices & I have overridden onLoginFail & onLoginSuccess methods. My question is, from where my onLoginSuccess() method will be called?

I have tried to run above configuration & it was seen that onLoginFail gets called through RememberMeAuthenticationFilter(rememberMeServices.loginFail(request, response)) but when I checked source code for this filter, I could not find any call for onLoginSuccess() or loginSuccess() method. So do I need to call this explicitly?

In BasicAuthenticationFilter, there is a call for this method. So I tried to use it but still i does not work.(<http-basic/>). So can anyone please help me in this?

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

温柔嚣张 2024-10-30 18:40:31

还有一种方法 logout()，由注销过滤器调用。我想您还必须将 rememberMeServices 注入登录和注销过滤器（我不确定是否可以在 xml 中的 http 元素中完成）

    <bean id="logoutFilter"   class="org.springframework.security.web.authentication.logout.LogoutFilter">
    <constructor-arg index="0" type="org.springframework.security.web.authentication.logout.LogoutSuccessHandler" ref="logoutSuccessHandler" />
    <constructor-arg index="1">
        <list value-type="org.springframework.security.web.authentication.logout.LogoutHandler">
            <ref local="rememberMeServices"/>
        </list>
    </constructor-arg>
</bean>

：

<bean id="formLoginFilter"   class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
     ...

     <property name="rememberMeServices">
            <ref local="rememberMeServices" />
     </property> 
</bean>

There is one more method logout(), which is called by logout filter. I guess you have to inject rememberMeServices into Login and Logout Filter as well (I am not sure if it can be done within http element in xml):

    <bean id="logoutFilter"   class="org.springframework.security.web.authentication.logout.LogoutFilter">
    <constructor-arg index="0" type="org.springframework.security.web.authentication.logout.LogoutSuccessHandler" ref="logoutSuccessHandler" />
    <constructor-arg index="1">
        <list value-type="org.springframework.security.web.authentication.logout.LogoutHandler">
            <ref local="rememberMeServices"/>
        </list>
    </constructor-arg>
</bean>

and

<bean id="formLoginFilter"   class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
     ...

     <property name="rememberMeServices">
            <ref local="rememberMeServices" />
     </property> 
</bean>

回复收藏 0 原文

~没有更多了~