1

我一直在尝试在我的应用程序中实现 spring security 3.0 记住我的服务,但不幸的是无法让它工作。

我没有找到任何与此相关的具体示例,甚至在 spring 文档中也没有。如果有人可以提供一个工作示例代码,那就太好了。请找到我的 spring-security.xml 文件的代码。

    <?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
      http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
      http://www.springframework.org/schema/security
      http://www.springframework.org/schema/security/spring-security-3.0.xsd">


<security:http entry-point-ref="myAuthenticationEntryPoint">

    <security:session-management
        session-fixation-protection="newSession" />
    <security:custom-filter position="FORM_LOGIN_FILTER"
        ref="processingFilter" />
    <security:logout logout-url="/logout"
        logout-success-url="/login" />
    <security:intercept-url pattern='/index.jsp'
        filters='none' />
    <security:intercept-url pattern='/login*'
        filters='none' />
    <security:remember-me key="springrocks" />

    <security:intercept-url pattern='/admin/**'
        access="ROLE_ADMIN" />

</security:http>

<security:authentication-manager>
    <security:authentication-provider
        ref="myAuthenticationProvider"></security:authentication-provider>
</security:authentication-manager>
<bean id="myAuthenticationProvider"
    class="example.AuthenticationProviderExtended">

</bean>

<bean id="authenticationManager" class="example.AuthenticationManagerExtended" />

<bean id="processingFilter" class="example.FormBasedProcessingFilter">
    <property name="authenticationManager" ref="authenticationManager" />
    <property name="usernameParameter" value="username" />
    <property name="passwordParameter" value="password" />
    <property name="allowSessionCreation" value="true" />
    <property name="authenticationFailureHandler" ref="simpleUrlAuthenticationFailureHandler" />
    <property name="authenticationSuccessHandler" ref="simpleUrlAuthenticationSuccessHandler" />
    <property name="filterProcessesUrl" value="/performLogin" />
</bean>


<bean id="simpleUrlAuthenticationFailureHandler" class="example.AuthenticationFailureHandler">
    <property name="defaultFailureUrl" value="/login"></property>
</bean>

<bean id="simpleUrlAuthenticationSuccessHandler"
    class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler">
    <property name="defaultTargetUrl" value="/home" />
</bean>


<bean id="myAuthenticationEntryPoint"
    class="example.CustomAuthenticationEntryPoint">
    <property name="loginFormUrl" value="/login" />
</bean>

<bean id="rememberMeFilter"
    class="org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter">
    <property name="rememberMeServices" ref="rememberMeServices" />
    <property name="authenticationManager" ref="authenticationManager" />
</bean>

<bean id="rememberMeServices"
    class="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices">
    <property name="userDetailsService" ref="myUserDetailsService" />
    <property name="key" value="springRocks" />
</bean>

<bean id="rememberMeAuthenticationProvider"
    class="org.springframework.security.authentication.RememberMeAuthenticationProvider">
    <property name="key" value="springRocks" />
</bean>

<bean id="myUserDetailsService" class="example.MyCustomeUserDetailsService">

</bean>

</beans>
4

2 回答 2

1

请在此处查看 Spring Security 文档:http: //static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html#remember-me-hash-token

于 2013-03-30T10:32:09.113 回答
0

您需要确保您的表单包含一个复选框(或其他类型的输入)记住我属性名称

<input type="checkbox" name="_spring_security_remember_me"/>

此属性可通过 xml 上的 remember-me-parameter 进行配置,例如:

<remember-me remember-me-parameter="please_remember"/>
于 2014-03-12T10:20:00.750 回答