/**
 * Exposes the token-based remember-me services as a bean.
 *
 * @return services built from the signing key and {@code userService}
 */
@Bean
public TokenBasedRememberMeServices rememberMeServices() {
    // NOTE(review): this key goes into every remember-me token signature and is a
    // literal checked into source, so it is identical across deployments. It should
    // be supplied from external, per-deployment configuration instead.
    final String signingKey = "remember-me-key";
    return new TokenBasedRememberMeServices(signingKey, userService);
}
/**
 * Builds the token signature from the bare user name, i.e. with the user group
 * service name suffix removed.
 *
 * <p>NOTE(review): group 2 of the pattern is never read here, so whatever it captures
 * (presumably the service name) is not part of the signed data. Confirm that is intended.
 */
@Override
protected String makeTokenSignature(long tokenExpiryTime, String username, String password) {
    Matcher suffixMatcher = RememberMeUserDetailsService.TOKEN_PATTERN.matcher(username);
    // Names that do not match the pattern are signed unchanged; otherwise group 1 is
    // used, with the escaped "\@" turned back into "@".
    String bareName = suffixMatcher.matches()
            ? suffixMatcher.group(1).replace("\\@", "@")
            : username;
    return super.makeTokenSignature(tokenExpiryTime, bareName, password);
}
/**
 * Returns the user name to store in the remember-me cookie, or an empty string when
 * remember-me is not available for this authentication.
 *
 * <p>The authentication details must be a {@link GeoServerWebAuthenticationDetails}
 * carrying a non-blank user group service name.
 */
protected String retrieveUserName(Authentication authentication) {
    Object details = authentication.getDetails();
    if (!(details instanceof GeoServerWebAuthenticationDetails)) {
        // no remember me feature without a user group service name
        return "";
    }
    String serviceName = ((GeoServerWebAuthenticationDetails) details).getUserGroupServiceName();
    if (serviceName == null || serviceName.trim().isEmpty()) {
        // no service specified --> no remember me
        return "";
    }
    return encode(super.retrieveUserName(authentication), serviceName);
}
Authentication successfulAuthentication) { String username = retrieveUserName(successfulAuthentication); String password = retrievePassword(successfulAuthentication); UserDetails user = getUserDetailsService().loadUserByUsername(username); password = user.getPassword(); int tokenLifetime = calculateLoginLifetime(request, successfulAuthentication); long expiryTime = System.currentTimeMillis(); String signatureValue = makeTokenSignature(expiryTime, username, password); setCookie(new String[] { username, Long.toString(expiryTime), signatureValue }, tokenLifetime, request, response);
if (isTokenExpired(tokenExpiryTime)) { throw new InvalidCookieException("Cookie token[1] has expired (expired on '" + new Date(tokenExpiryTime) + "'; current time is '" + new Date() UserDetails userDetails = getUserDetailsService().loadUserByUsername( cookieTokens[0]); String expectedTokenSignature = makeTokenSignature(tokenExpiryTime, userDetails.getUsername(), userDetails.getPassword()); if (!equals(expectedTokenSignature, cookieTokens[2])) { throw new InvalidCookieException("Cookie token[2] contained signature '" + cookieTokens[2] + "' but expected '" + expectedTokenSignature + "'");
rememberMeServices.setCookieName("remember_me_cookie"); rememberMeServices.setParameter("remember_me_checkbox"); rememberMeServices.setTokenValiditySeconds(2678400); // 1month return rememberMeServices;
/**
 * Supplies the LDAP-backed user details service.
 */
@Bean
public UserDetailsService getUserDetailsService() {
    // TODO give it whatever constructor params it needs
    return new LdapUserDetailsManager();
}

/**
 * Builds the remember-me services with a custom cookie name and request parameter.
 */
@Bean
public RememberMeServices rememberMeServices() {
    // NOTE(review): the first constructor argument is the key that goes into the token
    // signature. "password" is a guessable literal kept in source; use a long random
    // value loaded from per-deployment configuration.
    TokenBasedRememberMeServices services =
            new TokenBasedRememberMeServices("password", getUserDetailsService());
    services.setParameter("rememberMe");
    services.setCookieName("cookieName");
    return services;
}
/**
 * Base64-encodes the first cookie token before handing the tokens to the superclass.
 *
 * <p>This is a workaround for user identifiers which start with "xy:" where "xy" is the
 * type of auth provider used: both Para and Spring use ":" as delimiter, which breaks
 * the cookie parsing. The encoding only escapes the delimiter; it adds no
 * confidentiality or integrity to the identifier.
 *
 * @param cookieTokens tokens to encode; element 0 is overwritten in place
 * @return the cookie value produced by the superclass
 */
@Override
protected String encodeCookie(String[] cookieTokens) {
    if (cookieTokens.length == 0) {
        return super.encodeCookie(cookieTokens);
    }
    // NOTE(review): getBytes() uses the platform default charset; confirm it matches
    // what Utils.base64dec assumes when the cookie is decoded again.
    String rawIdentifier = cookieTokens[0];
    cookieTokens[0] = Utils.base64enc(rawIdentifier.getBytes());
    return super.encodeCookie(cookieTokens);
}
/**
 * Decodes the cookie through the superclass, then Base64-decodes the first token.
 *
 * @param cookieValue raw cookie value
 * @return the decoded tokens, with element 0 passed through {@code Utils.base64dec}
 */
@Override
protected String[] decodeCookie(String cookieValue) {
    String[] tokens = super.decodeCookie(cookieValue);
    if (tokens.length == 0) {
        return tokens;
    }
    // NOTE(review): the cookie value is client-supplied, so token 0 may not be valid
    // Base64. How Utils.base64dec reacts to malformed input is not visible here; confirm
    // it fails closed rather than yielding a usable identifier.
    tokens[0] = Utils.base64dec(tokens[0]);
    return tokens;
}
/**
 * Applies the configured cookie name to the filter's remember-me services when they
 * are token based; any other implementation is left untouched.
 *
 * @param object the filter being post-processed
 * @return the same filter instance
 */
@Override
public RememberMeAuthenticationFilter postProcess( RememberMeAuthenticationFilter object ) {
    RememberMeServices services = object.getRememberMeServices();
    if ( !( services instanceof TokenBasedRememberMeServices ) ) {
        return object;
    }
    String cookieName = rememberMeProperties.getCookie();
    LOG.debug( "Configuring adminWeb remember me cookie name: {}", cookieName );
    ( (TokenBasedRememberMeServices) services ).setCookieName( cookieName );
    return object;
}
// Closes the enclosing construct that was opened before this excerpt.
} );
public RememberMeServices rememberMeServices() { TokenBasedRememberMeServices rememberMeServices = new TokenBasedRememberMeServices("password", userService); rememberMeServices.setCookieName("cookieName"); rememberMeServices.setParameter("rememberMe"); return rememberMeServices;
/**
 * Base64-encodes the first cookie token before handing the tokens to the superclass.
 *
 * <p>This is a workaround for user identifiers which start with "xy:" where "xy" is the
 * type of auth provider used: both Para and Spring use ":" as delimiter, which breaks
 * the cookie parsing. The encoding only escapes the delimiter; it adds no
 * confidentiality or integrity to the identifier.
 *
 * @param cookieTokens tokens to encode; element 0 is overwritten in place
 * @return the cookie value produced by the superclass
 */
@Override
protected String encodeCookie(String[] cookieTokens) {
    if (cookieTokens.length == 0) {
        return super.encodeCookie(cookieTokens);
    }
    // NOTE(review): getBytes() uses the platform default charset; confirm it matches
    // what Utils.base64dec assumes when the cookie is decoded again.
    String rawIdentifier = cookieTokens[0];
    cookieTokens[0] = Utils.base64enc(rawIdentifier.getBytes());
    return super.encodeCookie(cookieTokens);
}
/**
 * Decodes the cookie through the superclass, then Base64-decodes the first token.
 *
 * @param cookieValue raw cookie value
 * @return the decoded tokens, with element 0 passed through {@code Utils.base64dec}
 */
@Override
protected String[] decodeCookie(String cookieValue) {
    String[] tokens = super.decodeCookie(cookieValue);
    if (tokens.length == 0) {
        return tokens;
    }
    // NOTE(review): the cookie value is client-supplied, so token 0 may not be valid
    // Base64. How Utils.base64dec reacts to malformed input is not visible here; confirm
    // it fails closed rather than yielding a usable identifier.
    tokens[0] = Utils.base64dec(tokens[0]);
    return tokens;
}
/**
 * Creates {@link TokenBasedRememberMeServices} backed by the user details service
 * resolved from the given builder.
 *
 * @param http the {@link HttpSecurity} to lookup shared objects
 * @param key the {@link #key(String)}; passed to the services unchanged, with no check
 *     in this method that it is non-null or non-empty
 * @return the {@link TokenBasedRememberMeServices}
 */
private AbstractRememberMeServices createTokenBasedRememberMeServices(H http, String key) {
    return new TokenBasedRememberMeServices(key, getUserDetailsService(http));
}
/**
 * Computes the token signature over the Base64-encoded user name instead of the raw one.
 *
 * <p>NOTE(review): presumably this keeps the signed name in step with the Base64-encoded
 * first cookie token. Confirm against the cookie encoding used by this class.
 *
 * @param tokenExpiryTime expiry timestamp included in the signature
 * @param username user name; encoded before signing unless {@code null}
 * @param password password value included in the signature
 * @return the signature produced by the superclass
 */
@Override
protected String makeTokenSignature(long tokenExpiryTime, String username, String password) {
    // A null user name is passed through untouched. getBytes() uses the platform
    // default charset, so signatures are only comparable between JVMs that share it.
    String signedName = (username == null) ? null : Utils.base64enc(username.getBytes());
    return super.makeTokenSignature(tokenExpiryTime, signedName, password);
}
/**
 * Base64-encodes the first cookie token before handing the tokens to the superclass.
 *
 * <p>This is a workaround for user identifiers which start with "xy:" where "xy" is the
 * type of auth provider used: both Para and Spring use ":" as delimiter, which breaks
 * the cookie parsing. The encoding only escapes the delimiter; it adds no
 * confidentiality or integrity to the identifier.
 *
 * @param cookieTokens tokens to encode; element 0 is overwritten in place
 * @return the cookie value produced by the superclass
 */
@Override
protected String encodeCookie(String[] cookieTokens) {
    if (cookieTokens.length == 0) {
        return super.encodeCookie(cookieTokens);
    }
    // NOTE(review): getBytes() uses the platform default charset; confirm it matches
    // what Utils.base64dec assumes when the cookie is decoded again.
    String rawIdentifier = cookieTokens[0];
    cookieTokens[0] = Utils.base64enc(rawIdentifier.getBytes());
    return super.encodeCookie(cookieTokens);
}
/**
 * Decodes the cookie through the superclass, then Base64-decodes the first token.
 *
 * @param cookieValue raw cookie value
 * @return the decoded tokens, with element 0 passed through {@code Utils.base64dec}
 */
@Override
protected String[] decodeCookie(String cookieValue) {
    String[] tokens = super.decodeCookie(cookieValue);
    if (tokens.length == 0) {
        return tokens;
    }
    // NOTE(review): the cookie value is client-supplied, so token 0 may not be valid
    // Base64. How Utils.base64dec reacts to malformed input is not visible here; confirm
    // it fails closed rather than yielding a usable identifier.
    tokens[0] = Utils.base64dec(tokens[0]);
    return tokens;
}
/**
 * Creates {@link TokenBasedRememberMeServices} backed by the user details service
 * resolved from the given builder.
 *
 * @param http the {@link HttpSecurity} to lookup shared objects
 * @param key the {@link #key(String)}; passed to the services unchanged, with no check
 *     in this method that it is non-null or non-empty
 * @return the {@link TokenBasedRememberMeServices}
 */
private AbstractRememberMeServices createTokenBasedRememberMeServices(H http, String key) {
    return new TokenBasedRememberMeServices(key, getUserDetailsService(http));
}
/**
 * Computes the token signature over the Base64-encoded user name instead of the raw one.
 *
 * <p>NOTE(review): presumably this keeps the signed name in step with the Base64-encoded
 * first cookie token. Confirm against the cookie encoding used by this class.
 *
 * @param tokenExpiryTime expiry timestamp included in the signature
 * @param username user name; encoded before signing unless {@code null}
 * @param password password value included in the signature
 * @return the signature produced by the superclass
 */
@Override
protected String makeTokenSignature(long tokenExpiryTime, String username, String password) {
    // A null user name is passed through untouched. getBytes() uses the platform
    // default charset, so signatures are only comparable between JVMs that share it.
    String signedName = (username == null) ? null : Utils.base64enc(username.getBytes());
    return super.makeTokenSignature(tokenExpiryTime, signedName, password);
}
// Closes the enclosing class, whose header lies before this excerpt.
}
/**
 * Creates {@link TokenBasedRememberMeServices} backed by the user details service
 * resolved from the given builder.
 *
 * @param http the {@link HttpSecurity} to lookup shared objects
 * @param key the {@link #key(String)}; passed to the services unchanged, with no check
 *     in this method that it is non-null or non-empty
 * @return the {@link TokenBasedRememberMeServices}
 */
private AbstractRememberMeServices createTokenBasedRememberMeServices(H http, String key) {
    return new TokenBasedRememberMeServices(key, getUserDetailsService(http));
}