security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/ArgeoRememberMeServices.java

   1 /*
   2  * Copyright (C) 2007-2012 Mathieu Baudier
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *         http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16 package org.argeo.security.mvc;
  17
  18 import javax.servlet.http.Cookie;
  19 import javax.servlet.http.HttpServletRequest;
  20 import javax.servlet.http.HttpServletResponse;
  21
  22 import org.springframework.security.ui.rememberme.TokenBasedRememberMeServices;
  23
  24 public class ArgeoRememberMeServices extends TokenBasedRememberMeServices {
  25         public final static String DEFAULT_COOKIE_NAME = "ARGEO_SECURITY";
  26
  27         public ArgeoRememberMeServices() {
  28                 setCookieName(DEFAULT_COOKIE_NAME);
  29         }
  30
  31         /**
  32          * Sets a "cancel cookie" (with maxAge = 0) on the response to disable
  33          * persistent logins.
  34          *
  35          * @param request
  36          * @param response
  37          */
  38         protected void cancelCookie(HttpServletRequest request,
  39                         HttpServletResponse response) {
  40                 Cookie cookie = new Cookie(getCookieName(), null);
  41                 cookie.setMaxAge(0);
  42                 cookie.setPath("/");
  43
  44                 response.addCookie(cookie);
  45         }
  46
  47         /**
  48          * Sets the cookie on the response
  49          *
  50          * @param tokens
  51          *            the tokens which will be encoded to make the cookie value.
  52          * @param maxAge
  53          *            the value passed to {@link Cookie#setMaxAge(int)}
  54          * @param request
  55          *            the request
  56          * @param response
  57          *            the response to add the cookie to.
  58          */
  59         protected void setCookie(String[] tokens, int maxAge,
  60                         HttpServletRequest request, HttpServletResponse response) {
  61                 String cookieValue = encodeCookie(tokens);
  62                 Cookie cookie = new Cookie(getCookieName(), cookieValue);
  63                 cookie.setMaxAge(maxAge);
  64                 cookie.setPath("/");
  65                 response.addCookie(cookie);
  66         }
  67
  68 }