0

当使用 spring social 从 http 或 https 请求 Facebook 登录时,如何使记住我的 cookie 和会话可通过 http 访问。目前,如果用户通过 https 登录,则无法通过 http 页面读取 cookie(没有用户登录)。我正在使用 use-secure-cookie="false" 但这没有帮助。

 <s:remember-me key="mykey" services-ref="rememberMeServices" use-secure-cookie="false"/>

 <bean id="rememberMeServices" class="org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices">
    <property name="userDetailsService" ref="userService" />
    <property name="tokenRepository" ref="persistentTokenRepository" />
    <property name="key" value="mykey" />
    <property name="cookieName" value="rmb" />
    <property name="useSecureCookie" value="false" />
    <property name="tokenValiditySeconds" value="946708560" />
    <property name="alwaysRemember" value="true"></property>
</bean>

我的社交配置:

@Configuration
public class SocialConfig {
      @Inject
        private Environment environment;
      @Inject
        private DataSource dataSource;

        @Inject
        private TextEncryptor textEncryptor;
        @Value("${app.url}")
        private String applicationUrl;
        @Value("${facebook.clientId}")
        private String facebookClientId;
        @Value("${facebook.clientSecret}")
        private String facebookClientSecret;


    @Bean
    public ConnectionFactoryLocator connectionFactoryLocator() {
        ConnectionFactoryRegistry registry = new ConnectionFactoryRegistry();

        registry.addConnectionFactory(new FacebookConnectionFactory(
            facebookClientId,
            facebookClientSecret));



        return registry;
    }


    @Bean
    @Scope(value="request", proxyMode=ScopedProxyMode.INTERFACES)
    public ConnectionRepository connectionRepository() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            throw new IllegalStateException("Unable to get a ConnectionRepository: no user signed in");
        }
        return usersConnectionRepository().createConnectionRepository(authentication.getName());
    }

    @Bean
    public UsersConnectionRepository usersConnectionRepository() {
        JdbcUsersConnectionRepository repository = new JdbcUsersConnectionRepository(
                dataSource, connectionFactoryLocator(), textEncryptor);
        repository.setConnectionSignUp(connectionSignUp());
        return repository;
    }
     @Bean
     public TextEncryptor textEncryptor() {
         return Encryptors.noOpText();
     }

     @Bean
        public ConnectController connectController() {
         ConnectController controller = new ConnectController(
                    connectionFactoryLocator(), connectionRepository());
                controller.setApplicationUrl(applicationUrl);

                return controller;
        }

     @Bean
     public ProviderSignInController providerSignInController(RequestCache requestCache) {
         ProviderSignInController controller = new ProviderSignInController(connectionFactoryLocator(), 
                 usersConnectionRepository(), signInAdapter());

         controller.setSignUpUrl("/register");
         controller.setSignInUrl("/socialSignIn");
         controller.setPostSignInUrl("socialSignIn");
         controller.addSignInInterceptor(new RedirectAfterConnectInterceptor());



         return controller;
     }

     @Bean
     public SignInAdapter signInAdapter() {
         return new SignInAdapterImpl();
     }


     @Bean
     public ConnectionSignUp connectionSignUp() {
         return new ConnectionSignUpImpl();
     }

}
4

0 回答 0