public final class RememberMeConfigurer<H extends HttpSecurityBuilder<H>> extends SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,B>
RememberMeAuthenticationFilterHttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)
is populated with a RememberMeAuthenticationProviderRememberMeServices is populated as a shared object and available on
AbstractConfiguredSecurityBuilder.getSharedObject(Class)LogoutConfigurer.addLogoutHandler(LogoutHandler) is used to add a logout
handler to clean up the remember me authentication.AuthenticationManagerUserDetailsService if no userDetailsService(UserDetailsService)
was specified.DefaultLoginPageGeneratingFilter - if present will be populated with
information from the configuration| Constructor and Description |
|---|
RememberMeConfigurer()
Creates a new instance
|
| Modifier and Type | Method and Description |
|---|---|
RememberMeConfigurer<H> |
authenticationSuccessHandler(org.springframework.security.web.authentication.AuthenticationSuccessHandler authenticationSuccessHandler)
Allows control over the destination a remembered user is sent to when they are
successfully authenticated.
|
void |
configure(H http)
Configure the
SecurityBuilder by setting the necessary properties on the
SecurityBuilder. |
B |
disable()
Disables the
AbstractHttpConfigurer by removing it. |
void |
init(H http)
Initialize the
SecurityBuilder. |
RememberMeConfigurer<H> |
key(String key)
Sets the key to identify tokens created for remember me authentication.
|
RememberMeConfigurer<H> |
rememberMeCookieDomain(String rememberMeCookieDomain)
The domain name within which the remember me cookie is visible.
|
RememberMeConfigurer<H> |
rememberMeCookieName(String rememberMeCookieName)
The name of cookie which store the token for remember me authentication.
|
RememberMeConfigurer<H> |
rememberMeParameter(String rememberMeParameter)
The HTTP parameter used to indicate to remember the user at time of login.
|
RememberMeConfigurer<H> |
rememberMeServices(org.springframework.security.web.authentication.RememberMeServices rememberMeServices)
Specify the
RememberMeServices to use. |
RememberMeConfigurer<H> |
tokenRepository(org.springframework.security.web.authentication.rememberme.PersistentTokenRepository tokenRepository)
Specifies the
PersistentTokenRepository to use. |
RememberMeConfigurer<H> |
tokenValiditySeconds(int tokenValiditySeconds)
Allows specifying how long (in seconds) a token is valid for
|
RememberMeConfigurer<H> |
userDetailsService(org.springframework.security.core.userdetails.UserDetailsService userDetailsService)
Specifies the
UserDetailsService used to look up the UserDetails
when a remember me token is valid. |
RememberMeConfigurer<H> |
useSecureCookie(boolean useSecureCookie)
Whether the cookie should be flagged as secure or not.
|
T |
withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor) |
addObjectPostProcessor, and, getBuilder, postProcess, setBuilderpublic RememberMeConfigurer<H> tokenValiditySeconds(int tokenValiditySeconds)
tokenValiditySeconds - RememberMeConfigurer for further customizationAbstractRememberMeServices.setTokenValiditySeconds(int)public RememberMeConfigurer<H> useSecureCookie(boolean useSecureCookie)
By default the cookie will be secure if the request is secure. If you only want to
use remember-me over HTTPS (recommended) you should set this property to
true.
useSecureCookie - set to true to always user secure cookies,
false to disable their use.RememberMeConfigurer for further customizationAbstractRememberMeServices.setUseSecureCookie(boolean)public RememberMeConfigurer<H> userDetailsService(org.springframework.security.core.userdetails.UserDetailsService userDetailsService)
UserDetailsService used to look up the UserDetails
when a remember me token is valid. The default is to use the
UserDetailsService found by invoking
AbstractConfiguredSecurityBuilder.getSharedObject(Class) which is set when using
WebSecurityConfigurerAdapter.configure(AuthenticationManagerBuilder).
Alternatively, one can populate rememberMeServices(RememberMeServices).userDetailsService - the UserDetailsService to configureRememberMeConfigurer for further customizationAbstractRememberMeServicespublic RememberMeConfigurer<H> tokenRepository(org.springframework.security.web.authentication.rememberme.PersistentTokenRepository tokenRepository)
PersistentTokenRepository to use. The default is to use
TokenBasedRememberMeServices instead.tokenRepository - the PersistentTokenRepository to useRememberMeConfigurer for further customizationpublic RememberMeConfigurer<H> key(String key)
key - the key to identify tokens created for remember me authenticationRememberMeConfigurer for further customizationpublic RememberMeConfigurer<H> rememberMeParameter(String rememberMeParameter)
rememberMeParameter - the HTTP parameter used to indicate to remember the userRememberMeConfigurer for further customizationpublic RememberMeConfigurer<H> rememberMeCookieName(String rememberMeCookieName)
rememberMeCookieName - the name of cookie which store the token for remember me authenticationRememberMeConfigurer for further customizationpublic RememberMeConfigurer<H> rememberMeCookieDomain(String rememberMeCookieDomain)
rememberMeCookieDomain - the domain name within which the remember me cookie is visible.RememberMeConfigurer for further customizationpublic RememberMeConfigurer<H> authenticationSuccessHandler(org.springframework.security.web.authentication.AuthenticationSuccessHandler authenticationSuccessHandler)
AuthenticationSuccessHandler is set, it will
be invoked and the doFilter() method will return immediately, thus allowing
the application to redirect the user to a specific URL, regardless of what the
original request was for.authenticationSuccessHandler - the strategy to invoke immediately before
returning from doFilter().RememberMeConfigurer for further customizationRememberMeAuthenticationFilter.setAuthenticationSuccessHandler(AuthenticationSuccessHandler)public RememberMeConfigurer<H> rememberMeServices(org.springframework.security.web.authentication.RememberMeServices rememberMeServices)
RememberMeServices to use.rememberMeServices - the RememberMeServices to useRememberMeConfigurer for further customizationsRememberMeServicespublic void init(H http) throws Exception
SecurityConfigurerSecurityBuilder. Here only shared state should be created
and modified, but not properties on the SecurityBuilder used for building
the object. This ensures that the SecurityConfigurer.configure(SecurityBuilder) method uses
the correct shared objects when building.init in interface SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>init in class SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>Exceptionpublic void configure(H http) throws Exception
SecurityConfigurerSecurityBuilder by setting the necessary properties on the
SecurityBuilder.configure in interface SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>configure in class SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>Exceptionpublic B disable()
AbstractHttpConfigurer by removing it. After doing so a fresh
version of the configuration can be applied.HttpSecurityBuilder for additional customizationspublic T withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)