Package org.opencastproject.kernel.security

Class SystemTokenBasedRememberMeService

java.lang.Object

org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices

org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices

org.opencastproject.kernel.security.SystemTokenBasedRememberMeService

All Implemented Interfaces:

org.springframework.beans.factory.InitializingBean, org.springframework.security.web.authentication.logout.LogoutHandler, org.springframework.security.web.authentication.RememberMeServices

public class SystemTokenBasedRememberMeService
extends org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices

This implements a zero-configuration version Spring Security's token based remember-me service. While the key can still be augmented by configuration, it is generally generated based on seldom changing but unique system properties like hostname, IP address, file system information and Linux kernel.

Field Summary

Fields inherited from class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices

DEFAULT_PARAMETER, messages, SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY, TWO_WEEKS_S

Constructor Summary

Constructors

Constructor	Description
SystemTokenBasedRememberMeService()	Deprecated.
SystemTokenBasedRememberMeService(String key, org.springframework.security.core.userdetails.UserDetailsService userDetailsService)

Method Summary

Modifier and Type	Method	Description
protected String	makeTokenSignature(long tokenExpiryTime, String username, String password)	Calculates the digital signature to be put in the cookie.
void	setKey(String key)	Set a new key to be used when generating remember-me tokens.

Methods inherited from class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices

calculateLoginLifetime, isTokenExpired, onLoginSuccess, processAutoLoginCookie, retrievePassword, retrieveUserName

Methods inherited from class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices

afterPropertiesSet, autoLogin, cancelCookie, createSuccessfulAuthentication, decodeCookie, encodeCookie, extractRememberMeCookie, getAuthenticationDetailsSource, getCookieName, getKey, getParameter, getTokenValiditySeconds, getUserDetailsService, loginFail, loginSuccess, logout, onLoginFail, rememberMeRequested, setAlwaysRemember, setAuthenticationDetailsSource, setAuthoritiesMapper, setCookie, setCookieName, setParameter, setTokenValiditySeconds, setUserDetailsChecker, setUserDetailsService, setUseSecureCookie

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SystemTokenBasedRememberMeService

@Deprecated
public SystemTokenBasedRememberMeService()

Deprecated.

SystemTokenBasedRememberMeService

public SystemTokenBasedRememberMeService(String key,
 org.springframework.security.core.userdetails.UserDetailsService userDetailsService)

Method Details

setKey

public void setKey(String key)

Set a new key to be used when generating remember-me tokens. Note that the key passed to this method will be augmented by seldom changing but generally unique system properties like hostname, IP address, file system information and Linux kernel. Hence, even setting no custom key should be save.

Overrides:

setKey in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices

makeTokenSignature

protected String makeTokenSignature(long tokenExpiryTime,
 String username,
 String password)

Calculates the digital signature to be put in the cookie. Default value is SHA-512 ("username:tokenExpiryTime:password:key")

Overrides:

makeTokenSignature in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices