Class CoreRememberMeService

java.lang.Object
de.hybris.platform.spring.security.CoreRememberMeService
All Implemented Interfaces:
org.springframework.beans.factory.InitializingBean, org.springframework.security.web.authentication.logout.LogoutHandler, org.springframework.security.web.authentication.RememberMeServices
Direct Known Subclasses:
BackofficeRememberMeService, CockpitRememberMeService

public class CoreRememberMeService extends Object implements org.springframework.security.web.authentication.RememberMeServices, org.springframework.beans.factory.InitializingBean, org.springframework.security.web.authentication.logout.LogoutHandler
Identifies previously remembered users by a @see de.hybris.platform.jalo.user.CookieBasedLoginToken supported parameters are:
  • cookieName" value="AdminwebToken" />
  • ttl, default is 15000
  • secure, default is false
  • path, default will be request.getContextPath()
  • domain, default is
    • Field Details

      • DEFAULT_PARAMETER

        public static final String DEFAULT_PARAMETER
        See Also:
      • messages

        protected org.springframework.context.support.MessageSourceAccessor messages
      • userDetailsChecker

        protected final org.springframework.security.core.userdetails.UserDetailsChecker userDetailsChecker
      • authenticationDetailsSource

        protected final org.springframework.security.authentication.AuthenticationDetailsSource authenticationDetailsSource
    • Constructor Details

      • CoreRememberMeService

        public CoreRememberMeService()
    • Method Details

      • afterPropertiesSet

        public void afterPropertiesSet() throws Exception
        Specified by:
        afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
        Throws:
        Exception
      • onLoginSuccess

        public void onLoginSuccess(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication successfulAuthentication) throws EJBPasswordEncoderNotFoundException
        Throws:
        EJBPasswordEncoderNotFoundException
      • processAutoLoginCookie

        public org.springframework.security.core.userdetails.UserDetails processAutoLoginCookie(LoginToken token, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
      • updateLanguageInSessionContext

        protected void updateLanguageInSessionContext(org.springframework.security.core.userdetails.UserDetails userDetails, LoginToken token, javax.servlet.http.HttpServletRequest request)
      • getLanguageIsoCode

        protected String getLanguageIsoCode(org.springframework.security.core.userdetails.UserDetails userDetails, LoginToken token, javax.servlet.http.HttpServletRequest request)
      • getLanguageFromCookie

        protected Optional<String> getLanguageFromCookie(LoginToken token)
      • getLanguageFromUserDetails

        protected Optional<String> getLanguageFromUserDetails(org.springframework.security.core.userdetails.UserDetails userDetails)
      • getLanguageFromHttpRequest

        protected Optional<String> getLanguageFromHttpRequest(javax.servlet.http.HttpServletRequest request)
      • getDefaultLanguageForTenant

        protected String getDefaultLanguageForTenant()
      • autoLogin

        public org.springframework.security.core.Authentication autoLogin(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
        Specified by:
        autoLogin in interface org.springframework.security.web.authentication.RememberMeServices
      • getPath

        public String getPath(javax.servlet.http.HttpServletRequest request)
        Returns:
        the path
      • setPath

        public void setPath(String path)
        Parameters:
        path - the path to set
      • isSecure

        public boolean isSecure()
        Returns:
        the secure
      • setSecure

        public void setSecure(boolean secure)
        Parameters:
        secure - the secure to set
      • getTtl

        public int getTtl()
        Returns:
        the ttl
      • setTtl

        public void setTtl(int ttl)
        Parameters:
        ttl - the ttl to set
      • getDomain

        public String getDomain()
        Returns:
        the domain
      • setDomain

        public void setDomain(String domain)
        Parameters:
        domain - the domain to set
      • setCookieName

        public void setCookieName(String cookieName)
      • getCookieName

        protected String getCookieName()
      • lookupUserDetailsService

        protected org.springframework.security.core.userdetails.UserDetailsService lookupUserDetailsService()
      • cancelCookie

        protected void cancelCookie(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
        Sets a "cancel cookie" (with maxAge = 0) on the response to disable persistent logins.
        Parameters:
        request -
        response -
      • logout

        public void logout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication authentication)
        Implementation of LogoutHandler. Default behaviour is to call cancelCookie().
        Specified by:
        logout in interface org.springframework.security.web.authentication.logout.LogoutHandler
      • loginFail

        public final void loginFail(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
        Specified by:
        loginFail in interface org.springframework.security.web.authentication.RememberMeServices
      • rememberMeRequested

        protected boolean rememberMeRequested(javax.servlet.http.HttpServletRequest request, String parameter)
      • onLoginFail

        protected void onLoginFail(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
      • loginSuccess

        public void loginSuccess(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication successfulAuthentication)
        Examines the incoming request and checks for the presence of the configured "remember me" parameter. If it's present, or if alwaysRemember is set to true, calls onLoginSuccess.
        Specified by:
        loginSuccess in interface org.springframework.security.web.authentication.RememberMeServices
      • getKey

        public String getKey()
        Returns:
        the key
      • setKey

        public void setKey(String key)
        Parameters:
        key - the key to set