Announcement Announcement Module
Collapse
No announcement yet.
Use remember me persistent approach without login form? Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Use remember me persistent approach without login form?

    Hi,

    I try to implement my own solution to use remember-me persistent token approach with Mongo DB

    I am working on a mobile app which has not views. It authenticates against the server with a Json request and the server granted access like:

    Code:
    		UserDetails userDetails = loadUser(user);
    		Authentication authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
    		SecurityContextHolder.getContext().setAuthentication(authentication);
    this is my security-config file

    Code:
    <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans"
    	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xsi:schemaLocation="http://www.springframework.org/schema/beans 
                        http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                        http://www.springframework.org/schema/security 
                        http://www.springframework.org/schema/security/spring-security-3.1.xsd">
    
    	<http pattern="/static" security="none" />
    
    	<http use-expressions="true">
    		<remember-me services-ref="rememberMeServices" key="myRememberMeKey" />
    		<logout invalidate-session="true" logout-url="/logout" />
    		<intercept-url pattern="/users/**" access="isAuthenticated()" />
    		<intercept-url pattern="/**" access="permitAll" />
    		<form-login authentication-failure-url="/denied" login-page="/denied" />
    		<access-denied-handler error-page="/denied" />
    	</http>
    
    	<beans:bean id="customUserDetailsService" class="com.mycomp.myapp.security.CustomUserDetailsService" />
    
    	<authentication-manager alias="authenticationManager">
    		<authentication-provider user-service-ref="customUserDetailsService">
    			<password-encoder hash="md5" />
    		</authentication-provider>
    	</authentication-manager>
    
    	<beans:bean id="mongoDBTokenRepository" class="com.mycomp.myapp.security.MongoDBTokenRepository" />
    	<beans:bean id="persistanceTokenDao" class="com.mycomp.myapp.security.PersistanceTokenDao" />
    
    	<beans:bean id="rememberMeServices" class="org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices">
    		<beans:property name="tokenRepository" ref="mongoDBTokenRepository" />
    		<beans:property name="userDetailsService" ref="customUserDetailsService" />
    		<beans:property name="key" value="myRememberMeKey" />
    		<beans:property name="alwaysRemember" value="true" />
    	</beans:bean>
    
    </beans:beans>
    My problem is that I cannot get my tokens saved when a users log in. I followed this post: http://www.tikalk.com/implementing-s...-using-mongodb to implement the mongoDBTokenRepository and PersistanceTokenDao

    I have set breakpoints inside the Dao's and services but it never stops,

    Any help? I have been stucked for over two weeks !!

    THANKS!
Working...
X