How can I use a custom configured RememberMeAuthenticationFilter in spring security?

Posted by Sebastian on Stack Overflow See other posts from Stack Overflow or by Sebastian
Published on 2012-11-17T16:57:43Z Indexed on 2012/11/17 16:59 UTC
Read the original article Hit count: 237

Filed under:

spring-security

I want to use a slightly customized rememberme functionality with spring security (3.1.0).

I declare the rememberme tag like this:

<security:remember-me key="JNJRMBM" user-service-ref="gymUserDetailService" />

As I have my own rememberme service I need to inject that into the RememberMeAuthenticationFilter which I define like this:

<bean id="rememberMeFilter" class="org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter">
    <property name="rememberMeServices" ref="gymRememberMeService"/>
    <property name="authenticationManager" ref="authenticationManager" />
</bean>

I have spring security integrated in a standard way in my web.xml:

<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>

Everything works fine, except that the RememberMeAuthenticationFilter uses the standard RememberMeService, so I think that my defined RememberMeAuthenticationFilter is not being used.

How can I make sure that my definition of the filter is being used? Do I need to create a custom filterchain? And if so, how can I see my current "implicit" filterchain and make sure I use the same one except my RememberMeAuthenticationFilter instead of the default one?

Thanks for any advice and/or pointers!

Related posts about spring-security

Spring Security - Interactive login attempt was unsuccessful

as seen on Stack Overflow - Search for 'Stack Overflow'
I've been trying to track down why Spring Security isn't creating the SPRING_SECURITY_REMEMBER_ME_COOKIE so I turned on logging for org.springframework.security.web.authentication.rememberme. At first glance, the logs make it seem like the login is failing but the login is actually successful in the… >>> More
Google App Engine - Spring Security Issue (java.security.AccessControlException)

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm currently getting the AccessControlException below when I deploy to app engine (I don't see it when I run in my local environment). I'm using GAE 1.3.1, Spring 3.0.1, and Spring Security 3.0.2. Any ideas how to get around this issue? It appears to be an issue with Spring Security trying to get… >>> More
Spring Security - Persistent Remember Me Issue

as seen on Stack Overflow - Search for 'Stack Overflow'
I've been trying to track down why Spring Security isn't creating the Spring Security remember me cookie (SPRING_SECURITY_REMEMBER_ME_COOKIE). At first glance, the logs make it seem like the login is failing, but the login is actually successful in the sense that if I navigate to a page that requires… >>> More
Problem with Remember Me Service in Spring Security

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I'm trying to implement a "remember me" functionality in my website using Spring. The cookie and entry in the persistent_logins table are getting created correctly. Additionally, I can see that the correct user is being restored as the username is displayed at the top of the page. However, once… >>> More
Spring Security 3 - j_spring_security_check is not found

as seen on Stack Overflow - Search for 'Stack Overflow'
I use Spring Security with Spring Framework 3 and when I tyr to login from homepage I get following error: 2010-04-26 12:16:39,525 [tomcat-http--2] WARN org.springframework.web.servlet.PageNotFound - No mapping found for HTTP request with URI [/AppName/app/j_spring_security_check] in DispatcherServlet… >>> More

Developer IT