Announcement Announcement Module
Collapse
No announcement yet.
Rememberme : Lost cookie after restart browser Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Rememberme : Lost cookie after restart browser

    Hi guys

    Spring security : 3.1.2.RELEASE
    Tomcat 7
    Eclipse 3.8

    My cookie is created when i check "remember me". But when i restart my browser (firefox), the cookie is not there.

    Here is my spring-security.xml

    Code:
        
        <security:http pattern="login" security="none"/>
    
        <security:http use-expressions='true'>
            <security:intercept-url pattern="/protected" access="isAuthenticated()"/>
            <security:intercept-url pattern="/**" access="permitAll"/>
            <security:form-login login-page="/login" authentication-failure-url="/login?login_error=1" />
            <security:logout logout-url="/j_spring_security_logout" />
            <security:remember-me services-ref="rememberMeServices" key="testKeyForBlog" />
        </security:http>
    
        <bean id="rememberMeServices"
              class="org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices">
            <property name="tokenRepository" ref="customTokenRepository" />
            <property name="userDetailsService" ref="userDetailsService" />
            <property name="key" value="testKeyForBlog" />
            <property name="tokenValiditySeconds" value="864000"></property>
        </bean>
    
        <security:authentication-manager alias="authenticationManager">
            <security:authentication-provider ref="authenticationProvider" />
        </security:authentication-manager>
    
        <bean id="authenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
            <property name="userDetailsService" ref="userDetailsService" />
        </bean>
    my CustomTokenRepository class

    Code:
    @Component
    public class CustomTokenRepository implements PersistentTokenRepository {
    
        @Autowired
        private TokenDao tokenDao;
    
        @Override
        public void createNewToken(PersistentRememberMeToken token) {
            tokenDao.createNewToken(new Token(token));
        }
    
        @Override
        public void updateToken(String series, String tokenValue, Date lastUsed) {
            tokenDao.updateToken(series, tokenValue, lastUsed);
        }
    
        @Override
        public PersistentRememberMeToken getTokenForSeries(String seriesId) {
            Token token = tokenDao.getTokenForSeries(seriesId); --> Here return null :(
            if (token == null) {
                return null;
            }
            return new PersistentRememberMeToken(token.getUsername(),
                    token.getSeries(), token.getTokenValue(), token.getDate());
        }
    
        @Override
        public void removeUserTokens(String username) {
            tokenDao.removeUserTokens(username);
        }
    }
    My cookie:
    SPRING_SECURITY_REMEMBER_ME_COOKIE=WUtqaFl0VWRyUWp NUTY5STYyOHVPUT09OnRVemZSZ2tTclIvSVl0ODhoSXBWS0E9P Q; expires=Sun, 12 May 2013 17:43:35 GMT; path=/SpringSecurityRememberMe; domain=localhost; HttpOnly

    Some more info about this following call tokenDao.getTokenForSeries(seriesId)
    presentSeries:9BRUwd3izFWv7OA0K01msw==
    presentToken:8jj86VAYMyMuzVzs4nWhHA==
    Exception : No persistent token found for series id: 9BRUwd3izFWv7OA0K01msw==

    How can we explain this exception ?

    Anthony
    Last edited by anthony44; May 4th, 2013, 02:35 PM. Reason: SessionFactory ?
Working...
X