Package org.springframework.security.config.annotation.web.configurers

Class RememberMeConfigurer<H extends HttpSecurityBuilder<H>>

    • Constructor Detail

      • RememberMeConfigurer

        public RememberMeConfigurer()
        Creates a new instance

    • Method Detail

      • tokenValiditySeconds

        public RememberMeConfigurer<H> tokenValiditySeconds​(int tokenValiditySeconds)
        Allows specifying how long (in seconds) a token is valid for
        Parameters:
        tokenValiditySeconds -
        Returns:
        RememberMeConfigurer for further customization
        See Also:
        AbstractRememberMeServices.setTokenValiditySeconds(int)

      • useSecureCookie

        public RememberMeConfigurer<H> useSecureCookie​(boolean useSecureCookie)
        Whether the cookie should be flagged as secure or not. Secure cookies can only be sent over an HTTPS connection and thus cannot be accidentally submitted over HTTP where they could be intercepted.

        By default the cookie will be secure if the request is secure. If you only want to use remember-me over HTTPS (recommended) you should set this property to true.

        Parameters:
        useSecureCookie - set to true to always user secure cookies, false to disable their use.
        Returns:
        the RememberMeConfigurer for further customization
        See Also:
        AbstractRememberMeServices.setUseSecureCookie(boolean)

      • userDetailsService

        public RememberMeConfigurer<H> userDetailsService​(org.springframework.security.core.userdetails.UserDetailsService userDetailsService)
        Specifies the UserDetailsService used to look up the UserDetails when a remember me token is valid. When using a SecurityFilterChain bean, the default is to look for a UserDetailsService bean. Alternatively, one can populate rememberMeServices(RememberMeServices).
        Parameters:
        userDetailsService - the UserDetailsService to configure
        Returns:
        the RememberMeConfigurer for further customization
        See Also:
        AbstractRememberMeServices

      • tokenRepository

        public RememberMeConfigurer<H> tokenRepository​(org.springframework.security.web.authentication.rememberme.PersistentTokenRepository tokenRepository)
        Specifies the PersistentTokenRepository to use. The default is to use TokenBasedRememberMeServices instead.
        Parameters:
        tokenRepository - the PersistentTokenRepository to use
        Returns:
        the RememberMeConfigurer for further customization

      • key

        public RememberMeConfigurer<H> key​(java.lang.String key)
        Sets the key to identify tokens created for remember me authentication. Default is a secure randomly generated key. If rememberMeServices(RememberMeServices) is specified and is of type AbstractRememberMeServices, then the default is the key set in AbstractRememberMeServices.
        Parameters:
        key - the key to identify tokens created for remember me authentication
        Returns:
        the RememberMeConfigurer for further customization

      • rememberMeParameter

        public RememberMeConfigurer<H> rememberMeParameter​(java.lang.String rememberMeParameter)
        The HTTP parameter used to indicate to remember the user at time of login.
        Parameters:
        rememberMeParameter - the HTTP parameter used to indicate to remember the user
        Returns:
        the RememberMeConfigurer for further customization

      • rememberMeCookieName

        public RememberMeConfigurer<H> rememberMeCookieName​(java.lang.String rememberMeCookieName)
        The name of cookie which store the token for remember me authentication. Defaults to 'remember-me'.
        Parameters:
        rememberMeCookieName - the name of cookie which store the token for remember me authentication
        Returns:
        the RememberMeConfigurer for further customization
        Since:
        4.0.1

      • rememberMeCookieDomain

        public RememberMeConfigurer<H> rememberMeCookieDomain​(java.lang.String rememberMeCookieDomain)
        The domain name within which the remember me cookie is visible.
        Parameters:
        rememberMeCookieDomain - the domain name within which the remember me cookie is visible.
        Returns:
        the RememberMeConfigurer for further customization
        Since:
        4.1.0

      • authenticationSuccessHandler

        public RememberMeConfigurer<H> authenticationSuccessHandler​(org.springframework.security.web.authentication.AuthenticationSuccessHandler authenticationSuccessHandler)
        Allows control over the destination a remembered user is sent to when they are successfully authenticated. By default, the filter will just allow the current request to proceed, but if an AuthenticationSuccessHandler is set, it will be invoked and the doFilter() method will return immediately, thus allowing the application to redirect the user to a specific URL, regardless of what the original request was for.
        Parameters:
        authenticationSuccessHandler - the strategy to invoke immediately before returning from doFilter().
        Returns:
        RememberMeConfigurer for further customization
        See Also:
        RememberMeAuthenticationFilter.setAuthenticationSuccessHandler(AuthenticationSuccessHandler)

      • rememberMeServices

        public RememberMeConfigurer<H> rememberMeServices​(org.springframework.security.web.authentication.RememberMeServices rememberMeServices)
        Specify the RememberMeServices to use.
        Parameters:
        rememberMeServices - the RememberMeServices to use
        Returns:
        the RememberMeConfigurer for further customizations
        See Also:
        RememberMeServices

      • alwaysRemember

        public RememberMeConfigurer<H> alwaysRemember​(boolean alwaysRemember)
        Whether the cookie should always be created even if the remember-me parameter is not set.

        By default this will be set to false.

        Parameters:
        alwaysRemember - set to true to always trigger remember me, false to use the remember-me parameter.
        Returns:
        the RememberMeConfigurer for further customization
        See Also:
        AbstractRememberMeServices.setAlwaysRemember(boolean)