Tuesday, January 8, 2013

Spring MVC - remember me security.xml

Below is a reference for (Spring 3.0) remember-me settings in WEB_INF/security.xml.

There are 4 pieces of information you need to define:

1) Enable remember-me functionality. Make sure you supply a key**. If you don't, it may not work.

auto-config
="false"  entry-point-ref="authenticationEntryPoint">
<remember-me services-ref="myRememberMeServices" key="your_key"/>
</http>


2)  Define the remember-me service

<beans:bean id="myRememberMeServices"
class="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices" >
                    <beans:constructor-arg name="key" value="your_key"/>
                    <beans:constructor-arg name="userDetailsService" ref="userManager"/>
</beans:bean>


3) Define the remember-me filter

<beans:bean id="rememberMeFilter" class=
 "org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter">
  <beans:property name="rememberMeServices" ref="myRememberMeServices"/>
  <beans:property name="authenticationManager" ref="authenticationManager" />
</beans:bean>


4) Define the authentication provider

<beans:bean id="rememberMeAuthenticationProvider" class=
 "org.springframework.security.authentication.RememberMeAuthenticationProvider">
  <beans:property name="key" value="your_key"/>
</beans:bean>

No comments:

Post a Comment