Spring安全什么时候记得我处理cookie?

时间:2012-08-20 05:00:19

标签: java cookies spring-security remember-me

Spring security 3.1.1

所以我做了一个自定义记住我的服务,它扩展了默认令牌,记住我的服务只是为了检查它是否被调用。

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices;

public class CustomTokenBasedRememberMeService extends TokenBasedRememberMeServices {

    @Override
    protected int calculateLoginLifetime(HttpServletRequest request, Authentication authentication) {
        System.out.println("COOKIE: Process1!");
        return super.calculateLoginLifetime(request, authentication);
    }

    @Override
    protected boolean isTokenExpired(long tokenExpiryTime) {
        System.out.println("COOKIE: Process2!");
        return super.isTokenExpired(tokenExpiryTime);
    }

    @Override
    protected String makeTokenSignature(long tokenExpiryTime, String username, String password) {
        System.out.println("COOKIE: Process3!");
        return super.makeTokenSignature(tokenExpiryTime, username, password);
    }

    @Override
    protected String retrievePassword(Authentication authentication) {
        System.out.println("COOKIE: Process4!");
        return super.retrievePassword(authentication);
    }

    @Override
    protected String retrieveUserName(Authentication authentication) {
        System.out.println("COOKIE: Process5!");
        return super.retrieveUserName(authentication);
    }

    @Override
    protected UserDetails processAutoLoginCookie(String[] cookieTokens, HttpServletRequest request, HttpServletResponse response) {
        System.out.println("COOKIE: Process6!");
        return super.processAutoLoginCookie(cookieTokens, request, response);
    }    

    @Override
    public void onLoginSuccess(HttpServletRequest request, HttpServletResponse response, Authentication successfulAuthentication) {
        System.out.println("COOKIE: Process7!");
        super.onLoginSuccess(request, response, successfulAuthentication);
    }
}

当我登录时打印出来:

INFO: COOKIE: Process7!
INFO: COOKIE: Process5!
INFO: COOKIE: Process4!
INFO: COOKIE: Process1!
INFO: COOKIE: Process3!

表示它调用onLoginSuccess(),retrieveUserName(),retrievePassword(),calculateLoginLifetime()和makeTokenSignature()。

浏览器已接受cookie,但它从未被处理过。即使我删除了会话,重新启动了浏览器,等等。它从未被处理过,我假设processAutoLoginCookie对此负责,但它从未被调用过。

Spring处理cookie的条件是什么?

0 个答案:

没有答案
相关问题
最新问题