Class CoreRememberMeService
java.lang.Object
de.hybris.platform.spring.security.CoreRememberMeService
- All Implemented Interfaces:
org.springframework.beans.factory.InitializingBean,org.springframework.security.web.authentication.logout.LogoutHandler,org.springframework.security.web.authentication.RememberMeServices
- Direct Known Subclasses:
BackofficeRememberMeService,CockpitRememberMeService
public class CoreRememberMeService
extends Object
implements org.springframework.security.web.authentication.RememberMeServices, org.springframework.beans.factory.InitializingBean, org.springframework.security.web.authentication.logout.LogoutHandler
Identifies previously remembered users by a @see de.hybris.platform.jalo.user.CookieBasedLoginToken supported
parameters are: cookieName" value="AdminwebToken" /> ttl, default is 15000 secure, default is false
path, default will be request.getContextPath() domain, default is
-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected final org.springframework.security.authentication.AuthenticationDetailsSourcestatic final Stringprotected org.springframework.context.support.MessageSourceAccessorstatic final Stringprotected final org.springframework.security.core.userdetails.UserDetailsChecker -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidorg.springframework.security.core.AuthenticationautoLogin(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) protected voidcancelCookie(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Sets a "cancel cookie" (with maxAge = 0) on the response to disable persistent logins.protected Stringprotected StringgetKey()getLanguageFromCookie(LoginToken token) getLanguageFromHttpRequest(javax.servlet.http.HttpServletRequest request) getLanguageFromUserDetails(org.springframework.security.core.userdetails.UserDetails userDetails) protected StringgetLanguageIsoCode(org.springframework.security.core.userdetails.UserDetails userDetails, LoginToken token, javax.servlet.http.HttpServletRequest request) getPath(javax.servlet.http.HttpServletRequest request) intgetTtl()booleanisSecure()final voidloginFail(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) voidloginSuccess(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication successfulAuthentication) Examines the incoming request and checks for the presence of the configured "remember me" parameter.voidlogout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication authentication) Implementation of LogoutHandler.protected org.springframework.security.core.userdetails.UserDetailsServiceprotected voidonLoginFail(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) voidonLoginSuccess(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication successfulAuthentication) org.springframework.security.core.userdetails.UserDetailsprocessAutoLoginCookie(LoginToken token, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) protected booleanrememberMeRequested(javax.servlet.http.HttpServletRequest request, String parameter) voidsetCookieName(String cookieName) voidvoidvoidvoidsetSecure(boolean secure) voidsetTtl(int ttl) protected voidupdateLanguageInSessionContext(org.springframework.security.core.userdetails.UserDetails userDetails, LoginToken token, javax.servlet.http.HttpServletRequest request)
-
Field Details
-
DEFAULT_PARAMETER
- See Also:
-
SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY
- See Also:
-
messages
protected org.springframework.context.support.MessageSourceAccessor messages -
userDetailsChecker
protected final org.springframework.security.core.userdetails.UserDetailsChecker userDetailsChecker -
authenticationDetailsSource
protected final org.springframework.security.authentication.AuthenticationDetailsSource authenticationDetailsSource
-
-
Constructor Details
-
CoreRememberMeService
public CoreRememberMeService()
-
-
Method Details
-
afterPropertiesSet
- Specified by:
afterPropertiesSetin interfaceorg.springframework.beans.factory.InitializingBean- Throws:
Exception
-
onLoginSuccess
public void onLoginSuccess(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication successfulAuthentication) throws EJBPasswordEncoderNotFoundException -
processAutoLoginCookie
public org.springframework.security.core.userdetails.UserDetails processAutoLoginCookie(LoginToken token, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) -
updateLanguageInSessionContext
protected void updateLanguageInSessionContext(org.springframework.security.core.userdetails.UserDetails userDetails, LoginToken token, javax.servlet.http.HttpServletRequest request) -
getLanguageIsoCode
protected String getLanguageIsoCode(org.springframework.security.core.userdetails.UserDetails userDetails, LoginToken token, javax.servlet.http.HttpServletRequest request) -
getLanguageFromCookie
-
getLanguageFromUserDetails
-
getLanguageFromHttpRequest
-
getDefaultLanguageForTenant
-
autoLogin
public org.springframework.security.core.Authentication autoLogin(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) - Specified by:
autoLoginin interfaceorg.springframework.security.web.authentication.RememberMeServices
-
getPath
- Returns:
- the path
-
setPath
- Parameters:
path- the path to set
-
isSecure
public boolean isSecure()- Returns:
- the secure
-
setSecure
public void setSecure(boolean secure) - Parameters:
secure- the secure to set
-
getTtl
public int getTtl()- Returns:
- the ttl
-
setTtl
public void setTtl(int ttl) - Parameters:
ttl- the ttl to set
-
getDomain
- Returns:
- the domain
-
setDomain
- Parameters:
domain- the domain to set
-
setCookieName
-
getCookieName
-
lookupUserDetailsService
protected org.springframework.security.core.userdetails.UserDetailsService lookupUserDetailsService() -
cancelCookie
protected void cancelCookie(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Sets a "cancel cookie" (with maxAge = 0) on the response to disable persistent logins.- Parameters:
request-response-
-
logout
public void logout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication authentication) Implementation of LogoutHandler. Default behaviour is to call cancelCookie().- Specified by:
logoutin interfaceorg.springframework.security.web.authentication.logout.LogoutHandler
-
loginFail
public final void loginFail(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) - Specified by:
loginFailin interfaceorg.springframework.security.web.authentication.RememberMeServices
-
rememberMeRequested
protected boolean rememberMeRequested(javax.servlet.http.HttpServletRequest request, String parameter) -
onLoginFail
protected void onLoginFail(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) -
loginSuccess
public void loginSuccess(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication successfulAuthentication) Examines the incoming request and checks for the presence of the configured "remember me" parameter. If it's present, or if alwaysRemember is set to true, calls onLoginSuccess.- Specified by:
loginSuccessin interfaceorg.springframework.security.web.authentication.RememberMeServices
-
getKey
- Returns:
- the key
-
setKey
- Parameters:
key- the key to set
-