Spring Security 2.0.6記住我的問題

Question

我已經完成了設置記住我的步驟。

我的理解是，使用此功能會創建一個cookie，當用戶回到瀏覽器並導航到我的網站並且cookie未過期時，他們應該登錄到我的網站。

我已驗證cookie已創建，但我從未自動登錄到我的網站。

所以我有點失落，因爲這裏需要發生什麼 - 我假設Spring Security負責這個，並且我不需要擴展他們的任何基類 - 是正確的嗎？

這裏是我的配置至今：需要在這裏完成

<global-method-security secured-annotations="enabled"/> 


    <http auto-config="false" entry-point-ref="authenticationProcessingFilterEntryPoint" access-denied-page="/login.jsp?login_error=2" > 
     <concurrent-session-control max-sessions="1" expired-url="/login.jsp"/> 
     <intercept-url pattern="/login.jsp*" filters="none"/> 
     <intercept-url pattern="/styles/**" filters="none" /> 
     <intercept-url pattern="/images/**" filters="none" /> 
     <intercept-url pattern="/admin/**" access="ROLE_ADMIN" /> 
     <intercept-url pattern="/user/**" access="ROLE_USER" /> 
     <logout invalidate-session="true" logout-url="/j_spring_security_logout" logout-success-url="/login.jsp?loggedout=true"/> 
<!--  <remember-me key="ecotrak1q2w3e4r5tazsxdc"/>--> 
    </http> 

<beans:bean id="defaultTargetUrlResolver" class="org.springframework.security.ui.TargetUrlResolverImpl" /> 

<beans:bean id="roleBasedTargetUrlResolver" class="vsg.ecotrak.security.custom.CustomTargetUrlResolverImpl"> 
    <beans:constructor-arg ref="defaultTargetUrlResolver" /> 
</beans:bean> 

<beans:bean id="authenticationProcessingFilter" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter"> 
    <custom-filter position="AUTHENTICATION_PROCESSING_FILTER" /> 
    <beans:property name="defaultTargetUrl" value="/admin/adminLanding.html"/> 
    <beans:property name="authenticationManager" ref="authenticationManager" /> 
    <beans:property name="authenticationFailureUrl" value="/login.jsp?login_error=1"/> 
    <beans:property name="allowSessionCreation" value="true" /> 
    <beans:property name="serverSideRedirect" value="true" /> 
    <beans:property name="targetUrlResolver" ref="roleBasedTargetUrlResolver" /> 
    <beans:property name="rememberMeServices" ref="rememberMeServices"/> 
</beans:bean> 

<authentication-manager alias="authenticationManager" /> 

<beans:bean id="authenticationProcessingFilterEntryPoint" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint"> 
    <beans:property name="loginFormUrl" value="/login.jsp" /> 
    <beans:property name="forceHttps" value="false" /> 
</beans:bean> 

<beans:bean id="rememberMeProcessingFilter" class="org.springframework.security.ui.rememberme.RememberMeProcessingFilter"> 
    <custom-filter position="REMEMBER_ME_FILTER" /> 
    <beans:property name="rememberMeServices" ref="rememberMeServices"/> 
    <beans:property name="authenticationManager" ref="authenticationManager" />  
</beans:bean> 


<beans:bean id="rememberMeServices" class="org.springframework.security.ui.rememberme.TokenBasedRememberMeServices"> 
    <beans:property name="userDetailsService" ref="customUserDetailsServiceWrapper"/> 
    <beans:property name="key" value="ecotrak1q2w3e4r5tazsxdc"/> 
</beans:bean> 

    <beans:bean id="rememberMeAuthenticationProvider" class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider"> 
     <custom-authentication-provider /> 
     <beans:property name="key" value="ecotrak1q2w3e4r5tazsxdc"/> 
    </beans:bean> 

什麼？

Answer 1

一種可能性是custom-filter位置未被指定爲rememberMe。

<custom-filter position="REMEMBER_ME_FILTER"/>