Spring 3.0 Remember Me

[sand_sio2]

application-security.XML

Code:

<security:http access-decision-manager-ref="accessDecisionManager" access-denied-page="/home.htm?failed=true">
   	<security:session-management session-authentication-strategy-ref="sessionFixation" invalid-session-url="/home.htm" />
    	   	
    	<security:form-login login-page="/standardlogin.htm" authentication-success-handler-ref="authenticationSuccessHandler"  authentication-failure-handler-ref="authenticationFailureHandler" />
    	<security:logout logout-url="/j_spring_security_logout" logout-success-url="/home.htm" invalidate-session="true" />
    	<security:anonymous username="anonymous" />
    	<security:remember-me services-ref="rememberMeServices" key="a23eef6dfd1514cb885f47070380ff18"/>
    </security:http>
    
    <bean id="sessionFixation" class="de.hybris.platform.servicelayer.security.spring.HybrisSessionFixationProtectionStrategy"/>
    
    <security:global-method-security secured-annotations="enabled" access-decision-manager-ref="accessDecisionManager"/>
   	
   	<security:authentication-manager alias="theAuthenticationManager">
				<security:authentication-provider ref="authenticationProvider" />
				<security:authentication-provider ref="rememberMeAuthenticationProvider" />
	</security:authentication-manager>
	
	<bean id="authenticationSuccessHandler" class="com.entertainment.ecom.web.auth.EcomAuthenticationSuccessHandler">
	 <constructor-arg value="/firstpage.htm"></constructor-arg>
	</bean>
	
	<bean id="authenticationFailureHandler" class="com.entertainment.ecom.web.auth.EcomAuthenticationFailureHandler">
        <constructor-arg value="/home.htm?failed=true"></constructor-arg>
	</bean>
	
    <bean id="authenticationProvider" parent="ecomAuthenticationProvider" scope="tenant"/>
    
	<bean id="ecomAuthenticationProvider" class="com.entertainment.ecom.web.auth.EcomAuthenticationProvider" scope="tenant" abstract="true" />
	
	<util:set id="authorizedGroups" value-type="java.lang.String">
		<value>customergroup</value>
	</util:set>
	
    <bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
		<property name="decisionVoters">
			<list>
				<bean id="notInitializedVoter" class="de.hybris.platform.spring.security.voter.HybrisNotInitializedVoter" />
				<bean id="roleVoter" class="org.springframework.security.access.vote.RoleVoter" />
				<bean id="authenticatedVoter" class="org.springframework.security.access.vote.AuthenticatedVoter" />
			</list>
		</property>
	</bean>
		
	<bean id="ecomUserDetailsService" class="com.entertainment.ecom.web.auth.EcomUserDetailsService"/>
	
	<bean id="authenticationFilter" class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
	 	 <property name="authenticationManager" ref="theAuthenticationManager"/>
	 	 <property name="filterProcessesUrl" value="/j_spring_security_check"/>
	 	 <property name="rememberMeServices" ref="rememberMeServices"/>
		 <property name="authenticationFailureHandler" ref="authenticationFailureHandler"/>
		 <property name="authenticationSuccessHandler" ref="authenticationSuccessHandler"/>
	</bean> 
	
	<bean id="rememberMeFilter" class=
		"org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter">
		<property name="rememberMeServices" ref="rememberMeServices"/>
		<property name="authenticationManager" ref="theAuthenticationManager" />
	</bean>
	
	<bean id="rememberMeServices" class=
		"org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices">
		<property name="userDetailsService" ref="ecomUserDetailsService"/>
		<property name="key" value="a23eef6dfd1514cb885f47070380ff18"/>
		<property name="parameter" value="_spring_security_remember_me"/>
 	  	<property name="cookieName" value="ENTC"/>
  	    <property name="tokenValiditySeconds" value="80000"/>
	</bean>
	
	<bean id="rememberMeAuthenticationProvider" class=
		"org.springframework.security.authentication.RememberMeAuthenticationProvider">
		<property name="key" value="a23eef6dfd1514cb885f47070380ff18"/>
	</bean>
	
	<bean id="myfilterChainProxy" class="org.springframework.security.web.FilterChainProxy">
     <security:filter-chain-map path-type="ant">
         <security:filter-chain pattern="/firstpage.htm" filters="authenticationFilter,rememberMeFilter"/>
     </security:filter-chain-map>
 	</bean>

login.jsp

Code:

              <form id="loginForm" name="loginForm"  method="post" action="j_spring_security_check?standardlogin">
                  <input class="textBox" type="text" name="j_username" id="j_username" />
                  <input class="textBox" type="password" name="j_password" id="j_password" />
                    <input type="checkbox" class="chkinput" name="_spring_security_remember_me" value="" checked="checked"/>

Trying to implement "Remember Me" in "Simple Hash-Based Token Approach"
1)Is the above configuration complete and correct? Even cookie is not created.
2)In login.jsp should the name of checkbox be "_spring_security_remember_me".
3)Giving context path for <security:filter-chain pattern="/ecomweb"
4)can the key be any unique value="e4d909c290d0fb1ca068ffaddf22cbd0"
5)difference between this <security:form-login login-page="/standardlogin.htm"

and

<bean id="authenticationEntryPoint" class="org.springframework.security.web.authentica tion.LoginUrlAuthenticationEntryPoint">
<property name="loginFormUrl" value="/standardlogin.htm"/>

6)What is the sequence of remember me authentication process from when we check?

Please guide me resolve the issue.
the checkbox in JSP