Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

SEC-2880: Add a setter method to override the cookie name of remember-me

Kazuki Shimizu 10 years ago
parent
ec89fdcfaa
commit
0c77c2071b
2 changed files with 33 additions and 2 deletions
Split View Show Diff Stats
  1. 13 1
      config/src/main/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurer.java
  2. 20 1
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.groovy

+ 13 - 1
config/src/main/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurer.java
View File 

@@ -1,5 +1,5 @@
 
 /*
 
- * Copyright 2002-2013 the original author or authors.
 
+ * Copyright 2002-2015 the original author or authors.
 
  *
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * you may not use this file except in compliance with the License.
 
@@ -180,6 +180,18 @@ public final class RememberMeConfigurer<H extends HttpSecurityBuilder<H>> extend
 
 		return this;
 
 	}
 
 
+	/**
 
+	 * The name of cookie which store the token for remember me authentication. Defaults to 'remember-me'.
 
+	 *
 
+	 * @param rememberMeCookieName the name of cookie which store the token for remember me authentication
 
+	 * @return  the {@link RememberMeConfigurer} for further customization
 
+	 * @since 4.0.1
 
+	 */
 
+	public RememberMeConfigurer<H> rememberMeCookieName(String rememberMeCookieName) {
 
+		this.rememberMeCookieName = rememberMeCookieName;
 
+		return this;
 
+	}
 
+
 
 	/**
 
 	 * Allows control over the destination a remembered user is sent to when they are
 
 	 * successfully authenticated. By default, the filter will just allow the current

+ 20 - 1
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.groovy
View File 

@@ -1,5 +1,5 @@
 
 /*
 
- * Copyright 2002-2013 the original author or authors.
 
+ * Copyright 2002-2015 the original author or authors.
 
  *
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * you may not use this file except in compliance with the License.
 
@@ -270,6 +270,25 @@ public class NamespaceRememberMeTests extends BaseSpringSpec {
 
             findFilter(RememberMeAuthenticationFilter).rememberMeServices.parameter == "rememberMe"
 
     }
 
 
+    @Configuration
 
+    static class RememberMeCookieNameConfig extends BaseWebConfig {
 
+        protected void configure(HttpSecurity http) throws Exception {
 
+            http
 
+                .formLogin()
 
+                    .and()
 
+                .rememberMe()
 
+                    .rememberMeCookieName("rememberMe")
 
+        }
 
+    }
 
+
 
+    // SEC-2880
 
+    def "http/remember-me@remember-me-cookie"() {
 
+        when: "use custom rememberMeCookieName"
 
+        loadConfig(RememberMeCookieNameConfig)
 
+        then: "custom rememberMeCookieName will be used"
 
+        findFilter(RememberMeAuthenticationFilter).rememberMeServices.cookieName == "rememberMe"
 
+    }
 
+
 
     @Configuration
 
     static class UseSecureCookieConfig extends BaseWebConfig {
 
         protected void configure(HttpSecurity http) throws Exception {