public final class RememberMeConfigurer<H extends HttpSecurityBuilder<H>> extends AbstractHttpConfigurer<RememberMeConfigurer<H>,H>
HttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)
is populated with a RememberMeAuthenticationProvider
RememberMeServices
is populated as a shared object and available on
AbstractConfiguredSecurityBuilder.getSharedObject(Class)
LogoutConfigurer.addLogoutHandler(LogoutHandler)
is used to add a logout
handler to clean up the remember me authentication.AuthenticationManager
UserDetailsService
if no userDetailsService(UserDetailsService)
was specified.DefaultLoginPageGeneratingFilter
- if present will be populated with
information from the configurationConstructor and Description |
---|
RememberMeConfigurer()
Creates a new instance
|
Modifier and Type | Method and Description |
---|---|
RememberMeConfigurer<H> |
alwaysRemember(boolean alwaysRemember)
Whether the cookie should always be created even if the remember-me parameter is
not set.
|
RememberMeConfigurer<H> |
authenticationSuccessHandler(AuthenticationSuccessHandler authenticationSuccessHandler)
Allows control over the destination a remembered user is sent to when they are
successfully authenticated.
|
void |
configure(H http)
Configure the
SecurityBuilder by setting the necessary properties on the
SecurityBuilder . |
void |
init(H http)
Initialize the
SecurityBuilder . |
RememberMeConfigurer<H> |
key(java.lang.String key)
Sets the key to identify tokens created for remember me authentication.
|
RememberMeConfigurer<H> |
rememberMeCookieDomain(java.lang.String rememberMeCookieDomain)
The domain name within which the remember me cookie is visible.
|
RememberMeConfigurer<H> |
rememberMeCookieName(java.lang.String rememberMeCookieName)
The name of cookie which store the token for remember me authentication.
|
RememberMeConfigurer<H> |
rememberMeParameter(java.lang.String rememberMeParameter)
The HTTP parameter used to indicate to remember the user at time of login.
|
RememberMeConfigurer<H> |
rememberMeServices(RememberMeServices rememberMeServices)
Specify the
RememberMeServices to use. |
RememberMeConfigurer<H> |
tokenRepository(PersistentTokenRepository tokenRepository)
Specifies the
PersistentTokenRepository to use. |
RememberMeConfigurer<H> |
tokenValiditySeconds(int tokenValiditySeconds)
Allows specifying how long (in seconds) a token is valid for
|
RememberMeConfigurer<H> |
userDetailsService(UserDetailsService userDetailsService)
Specifies the
UserDetailsService used to look up the UserDetails
when a remember me token is valid. |
RememberMeConfigurer<H> |
useSecureCookie(boolean useSecureCookie)
Whether the cookie should be flagged as secure or not.
|
disable, withObjectPostProcessor
addObjectPostProcessor, and, getBuilder, postProcess, setBuilder
public RememberMeConfigurer<H> tokenValiditySeconds(int tokenValiditySeconds)
tokenValiditySeconds
- RememberMeConfigurer
for further customizationAbstractRememberMeServices.setTokenValiditySeconds(int)
public RememberMeConfigurer<H> useSecureCookie(boolean useSecureCookie)
By default the cookie will be secure if the request is secure. If you only want to
use remember-me over HTTPS (recommended) you should set this property to
true
.
useSecureCookie
- set to true
to always user secure cookies,
false
to disable their use.RememberMeConfigurer
for further customizationAbstractRememberMeServices.setUseSecureCookie(boolean)
public RememberMeConfigurer<H> userDetailsService(UserDetailsService userDetailsService)
UserDetailsService
used to look up the UserDetails
when a remember me token is valid. The default is to use the
UserDetailsService
found by invoking
AbstractConfiguredSecurityBuilder.getSharedObject(Class)
which is set when using
WebSecurityConfigurerAdapter.configure(AuthenticationManagerBuilder)
.
Alternatively, one can populate rememberMeServices(RememberMeServices)
.userDetailsService
- the UserDetailsService
to configureRememberMeConfigurer
for further customizationAbstractRememberMeServices
public RememberMeConfigurer<H> tokenRepository(PersistentTokenRepository tokenRepository)
PersistentTokenRepository
to use. The default is to use
TokenBasedRememberMeServices
instead.tokenRepository
- the PersistentTokenRepository
to useRememberMeConfigurer
for further customizationpublic RememberMeConfigurer<H> key(java.lang.String key)
rememberMeServices(RememberMeServices)
is specified and is of type
AbstractRememberMeServices
, then the default is the key set in
AbstractRememberMeServices
.key
- the key to identify tokens created for remember me authenticationRememberMeConfigurer
for further customizationpublic RememberMeConfigurer<H> rememberMeParameter(java.lang.String rememberMeParameter)
rememberMeParameter
- the HTTP parameter used to indicate to remember the userRememberMeConfigurer
for further customizationpublic RememberMeConfigurer<H> rememberMeCookieName(java.lang.String rememberMeCookieName)
rememberMeCookieName
- the name of cookie which store the token for remember
me authenticationRememberMeConfigurer
for further customizationpublic RememberMeConfigurer<H> rememberMeCookieDomain(java.lang.String rememberMeCookieDomain)
rememberMeCookieDomain
- the domain name within which the remember me cookie
is visible.RememberMeConfigurer
for further customizationpublic RememberMeConfigurer<H> authenticationSuccessHandler(AuthenticationSuccessHandler authenticationSuccessHandler)
AuthenticationSuccessHandler
is set, it will
be invoked and the doFilter()
method will return immediately, thus allowing
the application to redirect the user to a specific URL, regardless of what the
original request was for.authenticationSuccessHandler
- the strategy to invoke immediately before
returning from doFilter()
.RememberMeConfigurer
for further customizationRememberMeAuthenticationFilter.setAuthenticationSuccessHandler(AuthenticationSuccessHandler)
public RememberMeConfigurer<H> rememberMeServices(RememberMeServices rememberMeServices)
RememberMeServices
to use.rememberMeServices
- the RememberMeServices
to useRememberMeConfigurer
for further customizationsRememberMeServices
public RememberMeConfigurer<H> alwaysRemember(boolean alwaysRemember)
By default this will be set to false
.
alwaysRemember
- set to true
to always trigger remember me,
false
to use the remember-me parameter.RememberMeConfigurer
for further customizationAbstractRememberMeServices.setAlwaysRemember(boolean)
public void init(H http) throws java.lang.Exception
SecurityConfigurer
SecurityBuilder
. Here only shared state should be created
and modified, but not properties on the SecurityBuilder
used for building
the object. This ensures that the SecurityConfigurer.configure(SecurityBuilder)
method uses
the correct shared objects when building. Configurers should be applied here.init
in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
init
in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
java.lang.Exception
public void configure(H http)
SecurityConfigurer
SecurityBuilder
by setting the necessary properties on the
SecurityBuilder
.configure
in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
configure
in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>