spring security 批改 RememberMeServices的key
spring security 修改 RememberMeServices的key
用RememberMe的时候想改一些RememberMeServices的默认属性
比如
private String cookieName = SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY; private String parameter = DEFAULT_PARAMETER; private boolean alwaysRemember; private String key; private int tokenValiditySeconds = 1209600; // 14 days
但修改了之后发现cookie失效了
后来debug了半天才发现在 RememberMeAuthenticationProvider 也有一个key
public class RememberMeAuthenticationProvider implements AuthenticationProvider, InitializingBean, MessageSourceAware { //~ Static fields/initializers ===================================================================================== private static final Log logger = LogFactory.getLog(RememberMeAuthenticationProvider.class); //~ Instance fields ================================================================================================ protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor(); private String key;
在验证过程中会判断他们是否相等 假如只改了一个地方。。。