
SEC-1542: Add a setter for the UserDetailsChecker in AbstractRememberMeServices.

Luke Taylor 15 年之前
84efffb937

+ 15 - 1
web/src/main/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServices.java

@@ -46,7 +46,7 @@ public abstract class AbstractRememberMeServices implements RememberMeServices,
     protected final MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
 
     private UserDetailsService userDetailsService;
-    private final UserDetailsChecker userDetailsChecker = new AccountStatusUserDetailsChecker();
+    private UserDetailsChecker userDetailsChecker = new AccountStatusUserDetailsChecker();
     private AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource = new WebAuthenticationDetailsSource();
 
     private String cookieName = SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY;
@@ -403,4 +403,18 @@ public abstract class AbstractRememberMeServices implements RememberMeServices,
         Assert.notNull(authenticationDetailsSource, "AuthenticationDetailsSource cannot be null");
         this.authenticationDetailsSource = authenticationDetailsSource;
     }
+
+    /**
+     * Sets the strategy to be used to validate the {@code UserDetails} object obtained for
+     * the user when processing a remember-me cookie to automatically log in a user.
+     *
+     * @param userDetailsChecker
+     *          the strategy which will be passed the user object to allow it to be rejected if account should not
+     *          be allowed to authenticate (if it is locked, for example). Defaults to a
+     *          {@code AccountStatusUserDetailsChecker} instance.
+     *
+     */
+    public void setUserDetailsChecker(UserDetailsChecker userDetailsChecker) {
+        this.userDetailsChecker = userDetailsChecker;
+    }
 }
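Review bot: `setUserDetailsChecker` stores its argument without a null check, while `setAuthenticationDetailsSource` directly above it in this hunk guards with `Assert.notNull`. This checker is the strategy that rejects accounts which should not authenticate from a remember-me cookie, so a null from a misconfigured bean should fail at configuration time rather than at the first cookie login (presumably as a NullPointerException where the checker is invoked, which is outside this hunk). Add `Assert.notNull(userDetailsChecker, "UserDetailsChecker cannot be null");` as the first statement of the setter. The Javadoc could also say that a replacement checker takes over the account-status checks the default `AccountStatusUserDetailsChecker` performs, so a custom implementation that omits them would let a locked account through on auto-login.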

+ 3 - 1
web/src/test/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServicesTests.java

@@ -10,6 +10,7 @@ import javax.servlet.http.HttpServletResponse;
 import org.junit.Test;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.security.authentication.AccountStatusUserDetailsChecker;
 import org.springframework.security.authentication.AuthenticationDetailsSource;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
@@ -36,7 +37,7 @@ public class AbstractRememberMeServicesTests {
         new MockRememberMeServices().decodeCookie("nonBase64CookieValue%");
     }
 
-	@Test
+    @Test
     public void setAndGetAreConsistent() throws Exception {
         MockRememberMeServices services = new MockRememberMeServices();
         assertNotNull(services.getCookieName());
@@ -189,6 +190,7 @@ public class AbstractRememberMeServicesTests {
     @Test
     public void autoLoginShouldFailIfUserAccountIsLocked() {
         MockRememberMeServices services = new MockRememberMeServices();
+        services.setUserDetailsChecker(new AccountStatusUserDetailsChecker());
         User joeLocked = new User("joe", "password",false,true,true,true,joe.getAuthorities());
         services.setUserDetailsService(new MockUserDetailsService(joeLocked, false));