SEC-2873: Remember Me XML Configuration Defaults Should Match Java Config

config/src/main/resources/org/springframework/security/config/spring-security-4.0.rnc

@@ -584,10 +584,10 @@ remember-me.attlist &=
     ## Reference to an AuthenticationSuccessHandler bean which should be used to handle a successful remember-me authentication.
     attribute authentication-success-handler-ref {xsd:token}?
 remember-me.attlist &=
-    ## The name of the request parameter which toggles remember-me authentication. Defaults to '_spring_security_remember_me'.
+    ## The name of the request parameter which toggles remember-me authentication. Defaults to 'remember-me'.
     attribute remember-me-parameter {xsd:token}?
 remember-me.attlist &=
-    ## The name of cookie which store the token for remember-me authentication. Defaults to 'SPRING_SECURITY_REMEMBER_ME_COOKIE'.
+    ## The name of cookie which store the token for remember-me authentication. Defaults to 'remember-me'.
     attribute remember-me-cookie {xsd:token}?
 
 token-repository-ref =

config/src/main/resources/org/springframework/security/config/spring-security-4.0.xsd

@@ -1823,14 +1823,14 @@
       <xs:attribute name="remember-me-parameter" type="xs:token">
          <xs:annotation>
             <xs:documentation>The name of the request parameter which toggles remember-me authentication. Defaults to
-                '_spring_security_remember_me'.
+                'remember-me'.
                 </xs:documentation>
          </xs:annotation>
       </xs:attribute>
       <xs:attribute name="remember-me-cookie" type="xs:token">
           <xs:annotation>
               <xs:documentation>The name of cookie which store the token for remember-me authentication. Defaults to
-                  'SPRING_SECURITY_REMEMBER_ME_COOKIE'.
+                  'remember-me'.
               </xs:documentation>
           </xs:annotation>
       </xs:attribute>

docs/manual/src/docs/asciidoc/index.adoc

@@ -7591,12 +7591,12 @@ A reference to a `DataSource` bean. If this is set, `PersistentTokenBasedRemembe
 
 [[nsa-remember-me-remember-me-parameter]]
 * **remember-me-parameter**
-The name of the request parameter which toggles remember-me authentication. Defaults to "_spring_security_remember_me". Maps to the "parameter" property of `AbstractRememberMeServices`.
+The name of the request parameter which toggles remember-me authentication. Defaults to "remember-me". Maps to the "parameter" property of `AbstractRememberMeServices`.
 
 
 [[nsa-remember-me-remember-me-cookie]]
 * **remember-me-cookie**
-The name of cookie which store the token for remember-me authentication. Defaults to "SPRING_SECURITY_REMEMBER_ME_COOKIE". Maps to the "cookieName" property of `AbstractRememberMeServices`.
+The name of cookie which store the token for remember-me authentication. Defaults to "remember-me". Maps to the "cookieName" property of `AbstractRememberMeServices`.
 
 
 [[nsa-remember-me-key]]

itest/web/src/integration-test/java/org/springframework/security/integration/AbstractWebServerIntegrationTests.java

@@ -119,7 +119,7 @@ public abstract class AbstractWebServerIntegrationTests {
     protected Cookie getRememberMeCookie() {
         List<Cookie> cookies = (List<Cookie>) tester.getTestingEngine().getCookies();
         for (Cookie c : cookies) {
-            if (c.getName().equals("SPRING_SECURITY_REMEMBER_ME_COOKIE")) {
+            if (c.getName().equals("remember-me")) {
                 return c;
             }
         }

itest/web/src/integration-test/java/org/springframework/security/integration/InMemoryProviderWebAppTests.java

@@ -62,7 +62,7 @@ public class InMemoryProviderWebAppTests extends AbstractWebServerIntegrationTes
     @Test
     public void persistentLoginIsSuccesful() throws Exception {
         beginAt("secure/index.html");
-        tester.checkCheckbox("_spring_security_remember_me");
+        tester.checkCheckbox("remember-me");
         login("jimi", "jimispassword");
         Cookie rememberMe = getRememberMeCookie();
         assertNotNull(rememberMe);

itest/web/src/main/webapp/login.jsp

@@ -20,7 +20,7 @@ Your login attempt was not successful, try again. ${SPRING_SECURITY_LAST_EXCEPTI
   <table>
     <tr><td>User:</td><td><input type='text' name='username' value=''/></td></tr>
     <tr><td>Password:</td><td><input type='password' name='password'></td></tr>
-    <tr><td><input type="checkbox" name="_spring_security_remember_me"></td><td>Don't ask for my password for two weeks</td></tr>
+    <tr><td><input type="checkbox" name="remember-me"></td><td>Don't ask for my password for two weeks</td></tr>
     <tr><td colspan='2'><input name="submit" type="submit"></td></tr>
     <tr><td colspan='2'><input name="reset" type="reset"></td></tr>
   </table>

samples/contacts-xml/src/main/webapp/login.jsp

@@ -35,7 +35,7 @@
       <table>
         <tr><td>User:</td><td><input type='text' name='username' value='<c:if test="${not empty param.login_error}"><c:out value="${SPRING_SECURITY_LAST_USERNAME}"/></c:if>'/></td></tr>
         <tr><td>Password:</td><td><input type='password' name='password'></td></tr>
-        <tr><td><input type="checkbox" name="_spring_security_remember_me"></td><td>Don't ask for my password for two weeks</td></tr>
+        <tr><td><input type="checkbox" name="remember-me"></td><td>Don't ask for my password for two weeks</td></tr>
 
         <tr><td colspan='2'><input name="submit" type="submit"></td></tr>
         <tr><td colspan='2'><input name="reset" type="reset"></td></tr>

sandbox/heavyduty/src/main/webapp/WEB-INF/freemarker/login.ftl

@@ -10,7 +10,7 @@
       <table>
         <tr><td>User:</td><td><input type='text' name='username' value=''/></td></tr>
         <tr><td>Password:</td><td><input type='password' name='password' value=''/></td></tr>
-        <tr><td><input type="checkbox" name="_spring_security_remember_me"/></td><td>Don't ask for my password for two weeks</td></tr>
+        <tr><td><input type="checkbox" name="remember-me"/></td><td>Don't ask for my password for two weeks</td></tr>
 
         <tr><td colspan='2'><input name="submit" type="submit"></td></tr>
         <tr><td colspan='2'><input name="reset" type="reset"></td></tr>

sandbox/heavyduty/src/main/webapp/login.jsp

@@ -15,7 +15,7 @@
       <table>
         <tr><td>User:</td><td><input type='text' name='username' /></td></tr>
         <tr><td>Password:</td><td><input type='password' name='password'/></td></tr>
-        <tr><td><input type="checkbox" name="_spring_security_remember_me"></td><td>Don't ask for my password for two weeks</td></tr>
+        <tr><td><input type="checkbox" name="remember-me"></td><td>Don't ask for my password for two weeks</td></tr>
 
         <tr><td colspan='2'><input name="submit" type="submit"></td></tr>
         <tr><td colspan='2'><input name="reset" type="reset"></td></tr>

sandbox/webflow/src/main/webapp/WEB-INF/freemarker/login.ftl

@@ -10,7 +10,7 @@
       <table>
         <tr><td>User:</td><td><input type='text' name='username' value=''/></td></tr>
         <tr><td>Password:</td><td><input type='password' name='password' value=''/></td></tr>
-        <tr><td><input type="checkbox" name="_spring_security_remember_me"/></td><td>Don't ask for my password for two weeks</td></tr>
+        <tr><td><input type="checkbox" name="remember-me"/></td><td>Don't ask for my password for two weeks</td></tr>
 
         <tr><td colspan='2'><input name="submit" type="submit"></td></tr>
         <tr><td colspan='2'><input name="reset" type="reset"></td></tr>

web/src/main/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServices.java

@@ -40,8 +40,8 @@ import org.springframework.util.StringUtils;
 public abstract class AbstractRememberMeServices implements RememberMeServices, InitializingBean, LogoutHandler {
     //~ Static fields/initializers =====================================================================================
 
-    public static final String SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY = "SPRING_SECURITY_REMEMBER_ME_COOKIE";
-    public static final String DEFAULT_PARAMETER = "_spring_security_remember_me";
+    public static final String SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY = "remember-me";
+    public static final String DEFAULT_PARAMETER = "remember-me";
     public static final int TWO_WEEKS_S = 1209600;
 
     private static final String DELIMITER = ":";