Manually set spring security auth remember me

0
votes

In implementing the apps login,I want to use the spring security to set who logins,but how to set remember? My UserLogin likes this.

UserDetails usDetails userDetails.loadUserByUsername(u.getAccount()); Authentication authentication = new UsernamePasswordAuthenticationToken(
usDetails, usDetails.getPassword(), usDetails.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(authentication); HttpSession session = request.getSession(true); session.setAttribute("SPRING_SECURITY_CONTEXT",SecurityContextHolder.getContext());

But How can I set remember?

1
spring-security
Why do you want to do that? - Neil McGuigan

1 Answers

1
votes

Your class should wire in the RememberMeServices bean being used in your application.

Once the authentication code you listed above executes, you should call the following:

rememberMeServices.loginSuccess(request, response, authentication);

The request passed into the method must have the remember me parameter (default _spring_security_remember_me) set to true as the call checks the request to make sure remember me was indicated.

RememberMeServices documentation:
http://docs.spring.io/autorepo/docs/spring-security/3.2.2.RELEASE/apidocs/org/springframework/security/web/authentication/RememberMeServices.html

AbstractRememberMeServices source:
https://github.com/spring-projects/spring-security/blob/master/web/src/main/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServices.java

The actual implementing class depends on what type of remember me you implemented/indicatd in your application.