PersistentTokenBasedRememberMeServices and cookies

**vitorpfn** · Nov 30th, 2011, 05:04 AM

Hey, i need to save the cookie signature of browser when remember me option is actived.

I have this security configuration:

Code:

	<http auto-config="true" use-expressions="true">
		<intercept-url pattern="/login.do" access="permitAll" />
		<intercept-url pattern="/account/*.do"
			access="hasRole('ROLE_USER')
			and fullyAuthenticated" />
		<intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
		<form-login login-page="/login.do" />
		<logout invalidate-session="true" logout-url="/j_spring_security_logout"
			logout-success-url="/" />
			
		<remember-me key="jbcpPetStore" token-validity-seconds="3600" data-source-ref="dataSource"/>

	</http>

	<authentication-manager alias="authenticationManager">
		<authentication-provider user-service-ref="jdbcUserServiceCustom">
			<password-encoder ref="passwordEncoder">
				<salt-source ref="saltSource"/>
			</password-encoder>
		</authentication-provider>
	</authentication-manager>

	<jdbc:embedded-database id="dataSource" type="HSQL">
		<jdbc:script location="classpath:security-schema.sql" />
		<jdbc:script location="classpath:remember-me-schema.sql" />
		<jdbc:script location="classpath:test-users-groups-data.sql" />
	</jdbc:embedded-database>

Before i had implemented my custom TokenBasedRememberMeServices but with persistent mode i can't use the tag services-ref in the remember me element

I have to implement my custom class to persistent remember me services and extend PersistentTokenBasedRememberMeServices but i dont know how i should make this configuration on xml file and catch the events on LoginSucess and sent cookie to browser.

Any help? thanks

**Rob Winch** · Dec 1st, 2011, 08:31 AM

First can you expand on what you are trying to do and why? This might help me or others to help you find the best solution for your problem. You cannot specify both services-ref and data-source-ref because you use one or the other. By specifying the data-source-ref you have stated you want to use PersistentTokenBasedRememberMeServices.

**vitorpfn** · Dec 12th, 2011, 03:57 AM

Originally Posted by rwinch

First can you expand on what you are trying to do and why? This might help me or others to help you find the best solution for your problem. You cannot specify both services-ref and data-source-ref because you use one or the other. By specifying the data-source-ref you have stated you want to use PersistentTokenBasedRememberMeServices.

I am trying to save information on persistent_login on another table but i try with spring classes and when login is with success, any data is inserted in my tablet soo i make a custom TokenBasedRememberMeServices

- I am using HSQLDB
- I implemented MyJdbcTokenRepositoryImpl and MyPersistentTokenBasedRememberMeServices

I put an interceptor to org.springframework.security.web.authentication.re memberme.JdbcTokenRepositoryImpl.createNewToken(.. ) and this is called. I dont know why is called because in my beans declarations, i have declared my custom JdbcTokenRepositoryImpll.

Any help? tahnks

Thread: PersistentTokenBasedRememberMeServices and cookies

Thread Tools

Display

PersistentTokenBasedRememberMeServices and cookies

Posting Permissions