我有以下代码,以便在配置xml中记住我的身份验证
<remember-me services-ref="rememberMeServices" key="testKeyForBlog" />
<beans:bean id="rememberMeServices" class="com.ringee.web.login.security.controller.CustomTokenBasedRememberMeServices">
<beans:constructor-arg name="key" value="testKeyForBlog"/>
<beans:constructor-arg name="manageUserServiceImpl" ref="manageUserServiceImpl" />
<beans:constructor-arg name="tokenRepository" ref="managePersistentTokenServiceImpl" />
</beans:bean>
我已经实现了AbstractRememberMeServices来自定义记住我的身份验证。
当我输入我的登录ID和密码并记住我启用复选框时,调用RememberMeAuthenticationFilter过滤器,但在行下面
SecurityContextHolder.getContext().getAuthentication() == null
其中认证对象不为null,最终使得记住我的服务未被调用,在调试模式下运行后,我看到下面的调试消息
DEBUG [org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter] (http--127.0.0.1-8080-6) SecurityContex
tHolder not populated with remember-me token, as it already contained: 'com.ringee.web.login.security.controller.CustomUserAuthentication@6ee367b0'
我的应用程序没有表单登录,而是执行ajax登录,因此我已经自定义。我有自定义入口点。
<http pattern="/**" entry-point-ref="customEntryPoint">
<custom-filter ref="ajaxTimeoutRedirectFilter" after="EXCEPTION_TRANSLATION_FILTER" />
<remember-me services-ref="rememberMeServices" key="testKeyForBlog" />
<custom-filter position="PRE_AUTH_FILTER" ref="ringeeFilter" />
<intercept-url pattern="/index.jsp" access="ROLE_ANONYMOUS" />
<intercept-url pattern="/menu/registration" access="ROLE_ANONYMOUS" />
<custom-filter ref="logOutFilter" position="LOGOUT_FILTER" />
<access-denied-handler ref="accessDeniedHandler" />
</http>
登录时记住我复选框启用..没有设置cookie因为记住服务没有被调用,因为它已经存在认证对象。不知道我的配置有什么问题,谢谢你的回答