Custom rememberme service with default form login: simplify declaration
I've got a small problem. I am using the default form login and want to use the remember-me service, but with a customized service implementation. After a long search, the following configuration works (the LDAP/DAO search and provider beans are omitted from this example):
Code:
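<!--
  Explicit-filter variant: form login and remember-me are wired by hand so that a
  custom RememberMeServices implementation can be plugged in.
  The ldap/dao search and provider beans referenced below are defined elsewhere.
-->
<sec:http entry-point-ref="bossEntryPoint">
    <!-- Static resources, the error page and the login page are open to everyone. -->
    <sec:intercept-url pattern="/images/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <sec:intercept-url pattern="/js/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <sec:intercept-url pattern="/theme/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <sec:intercept-url pattern="/jsp/security/noaccess.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <sec:intercept-url pattern="/login.do" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <!--
      intercept-url rules are evaluated top to bottom and the first match wins.
      The original listing placed the catch-all "/**" rule ahead of the two *.do
      rules, which made them unreachable: the IS_AUTHENTICATED_REMEMBERED
      restriction was never enforced. The catch-all is therefore moved to the end.
      NOTE(review): "/*.do" stays ahead of "/**/*.do" so that top-level actions
      remain anonymous; confirm that this is the intended split.
    -->
    <sec:intercept-url pattern="/*.do" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <sec:intercept-url pattern="/**/*.do" access="IS_AUTHENTICATED_REMEMBERED" />
    <!--
      Everything not matched above (including JSPs requested directly) stays open
      to anonymous users. Tighten this rule if that is not intended.
    -->
    <sec:intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />

    <sec:anonymous />
    <sec:logout logout-success-url="/" />
</sec:http>

<sec:authentication-manager alias="authenticationManager" />

<!-- Sends unauthenticated requests for protected URLs to the login form. -->
<bean id="bossEntryPoint" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
    <property name="loginFormUrl">
        <value>/login.do</value>
    </property>
</bean>

<!-- Hand-declared form-login filter; it replaces the namespace form-login element. -->
<bean id="authenticationProcessingFilter" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
    <sec:custom-filter position="AUTHENTICATION_PROCESSING_FILTER" />
    <property name="authenticationManager" ref="authenticationManager" />
    <property name="filterProcessesUrl">
        <value>/login_security_check</value>
    </property>
    <property name="defaultTargetUrl">
        <value>/</value>
    </property>
    <property name="authenticationFailureUrl">
        <value>/jsp/security/noaccess.jsp</value>
    </property>
    <!-- Lets a successful form login hand over to the custom remember-me service. -->
    <property name="rememberMeServices" ref="rememberMeServices" />
</bean>

<!-- Boss authentication -->
<bean id="bossAuthenticationProvider" class="be.boss.spring.security.BossAuthenticationProvider">
    <sec:custom-authentication-provider />
    <property name="ldapAuthenticationProvider" ref="ldapAuthProvider" />
    <property name="daoAuthenticationProvider" ref="daoAuthenticationProvider" />
    <property name="ldapSearch" ref="ldapUserSearch" />
    <property name="daoSearch" ref="daoUserSearch" />
</bean>

<!-- RememberMe authentication -->
<bean id="rememberMeProscessingFilter" class="org.springframework.security.ui.rememberme.RememberMeProcessingFilter">
    <sec:custom-filter position="REMEMBER_ME_FILTER" />
    <property name="rememberMeServices" ref="rememberMeServices" />
    <property name="authenticationManager" ref="authenticationManager" />
</bean>

<bean id="rememberMeServices" class="be.boss.spring.security.BossTokenBasedRememberMeServices">
    <!--
      Must be identical to the key on rememberMeAuthenticationProvider.
      NOTE(review): presumably this class uses the key the way the stock
      TokenBasedRememberMeServices does, as part of the cookie signature; confirm.
      If so, a short guessable literal kept in the config file weakens the token.
      Prefer a long random value supplied from deployment configuration.
    -->
    <property name="key">
        <value>bossKey</value>
    </property>
    <!--
      2678400 seconds = 31 days. The cookie acts as a login credential for that
      whole period, so sensitive actions should require IS_AUTHENTICATED_FULLY
      rather than IS_AUTHENTICATED_REMEMBERED.
    -->
    <property name="tokenValiditySeconds">
        <value>2678400</value>
    </property>
    <property name="userDetailsService" ref="daoUserSearch" />
    <property name="ldapUserSearch" ref="ldapUserSearch" />
</bean>

<!-- Accepts the tokens issued by rememberMeServices; the key must match the one above. -->
<bean id="rememberMeAuthenticationProvider" class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider">
    <sec:custom-authentication-provider />
    <property name="key">
        <value>bossKey</value>
    </property>
</bean>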
Shouldn't it be possible to write this more simply, without all the filter declarations? The solution above was hard to find...
Example:
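Code:
<!--
  Proposed simplified variant: keep the namespace form-login element and only
  point remember-me at the custom service. The ldap/dao beans are defined elsewhere.
-->
<sec:http>
    <!-- Static resources, the error page and the login page are open to everyone. -->
    <sec:intercept-url pattern="/images/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <sec:intercept-url pattern="/js/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <sec:intercept-url pattern="/theme/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <sec:intercept-url pattern="/jsp/security/noaccess.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <sec:intercept-url pattern="/login.do" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <!--
      intercept-url rules are evaluated top to bottom and the first match wins.
      The original listing placed the catch-all "/**" rule ahead of the two *.do
      rules, which made them unreachable: the IS_AUTHENTICATED_REMEMBERED
      restriction was never enforced. The catch-all is therefore moved to the end.
      NOTE(review): "/*.do" stays ahead of "/**/*.do" so that top-level actions
      remain anonymous; confirm that this is the intended split.
    -->
    <sec:intercept-url pattern="/*.do" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <sec:intercept-url pattern="/**/*.do" access="IS_AUTHENTICATED_REMEMBERED" />
    <sec:intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />

    <sec:form-login login-page="/login.do"
                    login-processing-url="/login_security_check"
                    always-use-default-target="false"
                    authentication-failure-url="/jsp/security/noaccess.jsp" />
    <!--
      custom-service-ref is the attribute this post proposes; it is a suggestion,
      not an attribute the namespace offered when this was written.
      NOTE(review): later releases appear to expose this as services-ref; check
      the schema of the version in use.
    -->
    <sec:remember-me custom-service-ref="rememberMeServices" />

    <sec:anonymous />
    <sec:logout logout-success-url="/" />
</sec:http>

<sec:authentication-manager alias="authenticationManager" />

<bean id="bossAuthenticationProvider" class="be.boss.spring.security.BossAuthenticationProvider">
    <sec:custom-authentication-provider /><!-- specifies the authentication provider -->
    <property name="ldapAuthenticationProvider" ref="ldapAuthProvider" />
    <property name="daoAuthenticationProvider" ref="daoAuthenticationProvider" />
    <property name="ldapSearch" ref="ldapUserSearch" />
    <property name="daoSearch" ref="daoUserSearch" />
</bean>

<!-- RememberMe authentication -->
<bean id="rememberMeServices" class="be.boss.spring.security.BossTokenBasedRememberMeServices">
    <!--
      Must be identical to the key on rememberMeAuthenticationProvider.
      NOTE(review): presumably this class uses the key the way the stock
      TokenBasedRememberMeServices does, as part of the cookie signature; confirm.
      If so, a short guessable literal kept in the config file weakens the token.
      Prefer a long random value supplied from deployment configuration.
    -->
    <property name="key">
        <value>bossKey</value>
    </property>
    <property name="tokenValiditySeconds">
        <value>2678400</value><!-- 31 days converted to seconds -->
    </property>
    <property name="userDetailsService" ref="daoUserSearch" />
    <property name="ldapUserSearch" ref="ldapUserSearch" />
</bean>

<!-- Accepts the tokens issued by rememberMeServices; the key must match the one above. -->
<bean id="rememberMeAuthenticationProvider" class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider">
    <sec:custom-authentication-provider />
    <property name="key">
        <value>bossKey</value>
    </property>
</bean>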
Maybe something to think about...
I agree. It's a simple plug-in point, and support is trivial to add. I've opened a Jira issue for this:
browse/SEC-823