security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/ArgeoRememberMeServices.java

   1 /*
   2  * Copyright (C) 2010 Mathieu Baudier <mbaudier@argeo.org>
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *         http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16
  17 package org.argeo.security.mvc;
  18
  19 import javax.servlet.http.Cookie;
  20 import javax.servlet.http.HttpServletRequest;
  21 import javax.servlet.http.HttpServletResponse;
  22
  23 import org.springframework.security.ui.rememberme.TokenBasedRememberMeServices;
  24
  25 public class ArgeoRememberMeServices extends TokenBasedRememberMeServices {
  26         public final static String DEFAULT_COOKIE_NAME = "ARGEO_SECURITY";
  27
  28         public ArgeoRememberMeServices() {
  29                 setCookieName(DEFAULT_COOKIE_NAME);
  30         }
  31
  32         /**
  33          * Sets a "cancel cookie" (with maxAge = 0) on the response to disable
  34          * persistent logins.
  35          *
  36          * @param request
  37          * @param response
  38          */
  39         protected void cancelCookie(HttpServletRequest request,
  40                         HttpServletResponse response) {
  41                 Cookie cookie = new Cookie(getCookieName(), null);
  42                 cookie.setMaxAge(0);
  43                 cookie.setPath("/");
  44
  45                 response.addCookie(cookie);
  46         }
  47
  48         /**
  49          * Sets the cookie on the response
  50          *
  51          * @param tokens
  52          *            the tokens which will be encoded to make the cookie value.
  53          * @param maxAge
  54          *            the value passed to {@link Cookie#setMaxAge(int)}
  55          * @param request
  56          *            the request
  57          * @param response
  58          *            the response to add the cookie to.
  59          */
  60         protected void setCookie(String[] tokens, int maxAge,
  61                         HttpServletRequest request, HttpServletResponse response) {
  62                 String cookieValue = encodeCookie(tokens);
  63                 Cookie cookie = new Cookie(getCookieName(), cookieValue);
  64                 cookie.setMaxAge(maxAge);
  65                 cookie.setPath("/");
  66                 response.addCookie(cookie);
  67         }
  68
  69 }