问题描述
我只为 PersistentTokenBasedRememberMeServices 类创建了 bean
public RememberMeAuthenticationFilter rememberMeFilter() throws Exception
{
RememberMeAuthenticationFilter filter = new RememberMeAuthenticationFilter(authenticationManager(),rememberMeServices());
return filter;
}
@Bean
public SecurityRememberMeServices rememberMeServices()
{
SecurityRememberMeServices secRemmeSvc = new SecurityRememberMeServices(Constants.REMEMBER_ME_KEY,userDetailsService(),tokenRepository(),rootConfig.userDetailDBQueryExecutor());
secRemmeSvc.setParameter(Constants.REMEMBER_ME_ParaMETER);
secRemmeSvc.setTokenValiditySeconds(Constants.TOKEN_VALIDITY_SECONDS);
logger.debug("### $$$ Token Validity: " + Constants.TOKEN_VALIDITY_SECONDS);
return secRemmeSvc;
}
@Bean
public PersistentTokenRepository tokenRepository()
{
JdbcTokenRepositoryImpl jdbcTokenRepo = new JdbcTokenRepositoryImpl();
jdbcTokenRepo.setDataSource(rootConfig.dataSource());
return jdbcTokenRepo;
}
@Bean
public UserDetailsService userDetailsService()
{
SecurityUserDetailsService userDetailsService = new SecurityUserDetailsService();
userDetailsService.setUserDao(rootConfig.userDao());
return userDetailsService;
}
SecurityRememberMeServices :
public class SecurityRememberMeServices extends
PersistentTokenBasedRememberMeServices
{
public SecurityRememberMeServices(String key,UserDetailsService userDetailsService,PersistentTokenRepository tokenRepository,UserDetailDBQueryExecutor userDetailDBQueryExecutor)
{
super(key,userDetailsService,tokenRepository);
}
@Override
protected boolean rememberMeRequested(HttpServletRequest request,String parameter)
{
logger.debug("### Remember Requests: " + parameter);
return super.rememberMeRequested(request,parameter);
}
@Override
protected void onLoginSuccess(HttpServletRequest request,HttpServletResponse response,Authentication successfulAuthentication)
{
logger.debug("### Remember Me Login Success: " + (UserPrincipal)
successfulAuthentication.getPrincipal());
super.onLoginSuccess(request,response,successfulAuthentication);
}
@Override
protected UserDetails processAutoLoginCookie(String[] cookietokens,HttpServletRequest request,HttpServletResponse response)
{
String userName = token.getUsername();
logger.debug("username"+userName );
return super.processAutoLoginCookie(cookietokens,request,response);
}
@Override
public void logout(HttpServletRequest request,Authentication authentication)
{
String username = authentication.getName();
logger.debug("### To remove persistent login for user " + username);
super.logout(request,authentication);
}
}
PersistentTokenBasedRememberMeServices.onLoginSuccess(...) 被调用并生成一个令牌并存储在数据库中
在调用 logout 时,它应该调用 PersistentTokenBasedRememberMeServices.logout(..) 方法来删除之前在数据库中创建的所有令牌,但它实际上在该方法上调用 TokenBasedRememberMeServices.logout(..) 仅会话无效并且令牌是无效而不是删除该用户名的令牌
任何人都可以帮助解决这个问题
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)