我正在尝试使用 Spring Security 在我的 Web 应用中实现“记住我”(remember-me)功能。Cookie 已正确创建(我在浏览器中可以看到),服务器也能识别它(我的应用程序在数据库中找到了该用户),但请求总是被重定向到登录页面。有人可以帮助我吗?
我的安全配置是:
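/**
 * Spring Security configuration: form login, token-based remember-me and
 * logout for the {@code /sec/**} area, with {@code /unsec/**} left public.
 */
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    /**
     * Key shared by the remember-me services (which sign the cookie) and the
     * remember-me authentication provider (which validates the resulting
     * token). Both sides must use the same value.
     *
     * NOTE(review): a short literal committed with the source is guessable;
     * load a long random value from protected configuration instead.
     */
    private static final String REMEMBER_ME_KEY = "OTRS_KEY";

    /** Name of the remember-me cookie; also cleared on logout. */
    private static final String REMEMBER_ME_COOKIE = "OTRS_REMEMBER";

    @Autowired
    CustomAuthenticationProvider customAuthenticationProvider;

    // NOTE(review): this provider is never registered with an authentication
    // manager anywhere in this class, so it takes no part in authentication.
    RememberMeAuthenticationProvider rememberMeAuthenticationProvider =
            new RememberMeAuthenticationProvider(REMEMBER_ME_KEY);

    /**
     * Registers the custom authentication provider with the global
     * authentication manager.
     *
     * @param auth builder for the global authentication manager
     * @throws Exception if the builder rejects the provider
     */
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(customAuthenticationProvider);
    }

    /**
     * Excludes static resources and the public area from the security filter
     * chain.
     *
     * @param web the web security builder
     * @throws Exception if configuration fails
     */
    @Override
    public void configure(WebSecurity web) throws Exception {
        // NOTE(review): debug mode logs details of every request; keep it for
        // local troubleshooting only and switch it off before deployment.
        web.debug(true)
                .ignoring()
                .antMatchers("/unsec/**", "/resources/**", "/css/**",
                        "/images/**", "/design/**", "/javax.faces.resource/**",
                        "/syntaxhighlighter/**");
    }

    /*
     * JSF 1.2/2.0/2.1/2.2 has implicit CSRF protection when h:form is submitted
     * with a POST request. This is because the javax.faces.ViewState hidden
     * field contains a sufficiently random token. JSF 2.2 adds CSRF protection
     * to HTTP GET by allowing the developer to specify protected-views in the
     * WEB-INF/faces-config.xml descriptor. URLs that invoke the JSF lifecycle
     * via HTTP GET must have the new javax.faces.Token URL parameter. For more
     * information, see the tutorial titled Java EE 7: Implementing CSRF
     * Protection with JSF 2.2.
     *
     * NOTE(review): the ViewState token covers JSF postbacks only. The login
     * processing URL and the logout URL are handled by Spring Security, not by
     * the JSF lifecycle, so with csrf() disabled they carry no CSRF token.
     */
    /**
     * Configures form login, remember-me, URL authorization and logout.
     *
     * @param http the HTTP security builder
     * @throws Exception if configuration fails
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // NOTE(review): depending on the Spring Security version, the
        // headers().frameOptions().disable() chain turns off either only
        // X-Frame-Options or every default security header. Either way the
        // pages can be framed by other origins; prefer a same-origin policy
        // if the application only frames its own pages.
        http.csrf().disable().headers().frameOptions().disable().formLogin()
                .loginProcessingUrl("/j_spring_security_check")
                .usernameParameter("j_username")
                .passwordParameter("j_password")
                .loginPage("/unsec/secureLogin.jsf")
                .defaultSuccessUrl("/sec/home.jsf")
                .failureUrl("/unsec/secureLogin.jsf").and().rememberMe()
                // The provider created by the remember-me configurer must use
                // the same key as the services that build the token. Without an
                // explicit key, some Spring Security versions generate a random
                // one, the token is then rejected, and the request ends up on
                // the login page even though the cookie was accepted.
                .key(REMEMBER_ME_KEY)
                .rememberMeServices(tokenBasedRememberMeServices()).and()
                .authorizeRequests().antMatchers("/unsec/**").permitAll()
                .antMatchers("/sec/**").authenticated().and().logout()
                .deleteCookies("JSESSIONID", REMEMBER_ME_COOKIE);
    }

    /**
     * Supplies the password encoder bean.
     *
     * @return an encoder that performs no hashing
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        // NOTE(review): NoOpPasswordEncoder compares passwords in plain text,
        // which means they are stored unhashed. Moving to an adaptive hash such
        // as BCryptPasswordEncoder requires re-hashing the stored credentials,
        // so it is flagged here rather than switched silently.
        return NoOpPasswordEncoder.getInstance();
    }

    /**
     * Builds the token-based remember-me services used by
     * {@link #configure(HttpSecurity)}.
     *
     * @return services that issue the remember-me cookie with a two-hour
     *         validity
     */
    private TokenBasedRememberMeServices tokenBasedRememberMeServices() {
        // The original referenced an undeclared "satecAuthenticationProvider";
        // the only provider declared in this class is the injected
        // customAuthenticationProvider.
        // NOTE(review): assumes getIdentitiesService() returns the
        // UserDetailsService used to reload the user from the cookie - confirm.
        TokenBasedRememberMeServices services = new TokenBasedRememberMeServices(
                REMEMBER_ME_KEY, customAuthenticationProvider.getIdentitiesService());
        services.setParameter("_spring_security_remember_me_input");
        // Every successful login gets a remember-me cookie, whether or not the
        // form parameter above was submitted.
        services.setAlwaysRemember(true);
        services.setCookieName(REMEMBER_ME_COOKIE);
        services.setTokenValiditySeconds(7200);
        // NOTE(review): consider setUseSecureCookie(true) when the site is
        // served over HTTPS, so the cookie is never sent over plain HTTP.
        return services;
    }
}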