Remember Me in Seam 3_问答_开发者_运维开发者技术经验分享

开发者 https://www.devze.com 2023-03-31 20:31 出处：网络

How can I use the remember me feature of seam security 3??? I try the seam 2 way but it does not work...

相关专题：jsf-2 seam3

How can I use the remember me feature of seam security 3???

I try the seam 2 way but it does not work... here my components.xml... not sure if this file is used in seam 3

   <security:jpa-token-store token-class="org.jboss.seam.example.seamspace.AuthenticationToken" />
<security:remember-me mode="autoLogin"/>开发者_如何学C;
 <event type="org.jboss.seam.security.notLoggedIn">

<action execute="#{redirect.captureCurrentView}"/>

<action execute="#{identity.tryLogin()}"/>

<action execute="#{redirect.returnToCapturedView}"/>

Thanks

According to https://community.jboss.org/thread/178998 the RemeberMe is not be integrated seam-security-3.1, but the class is already prepared.

The known RememberMe from Seam2 is available in two modes:

The first mode allows the username to be stored in the user's browser as a cookie, and leaves the entering of the password up to the browser (many modern browsers are capable of remembering passwords).
The second mode supports the storing of a unique token in a cookie, and allows a user to authenticate automatically upon returning to the site, without having to provide a password.

Fortunately it's not hard to implement a workaround for the first mode. After a successful login you can set a cookie:

FacesContext.getCurrentInstance().addResponseCookie("cookieName", "myToken", null);

Then make sure your own CookieBean is invoked before the login

<ui:fragment rendered="#{cookieBean.dummy}"/>
<h:form id="fLogin">
  <h:inputText value="#{credentials.username}"/>
  <h:inputSecret value="#{credentials.password}" redisplay="true"/>
  <h:commandButton value="LOGIN" action="#{identity.login}"/>
</h:form>

In your CookieBean you can check if your cookie is available, map a provided token to a username and then fill the username in your form.

@Named @SessionScoped
public class CookieBean implements Serializable
{
  @Inject Credentials credentials;

  @PostConstruct
  public void init()
  { 
    Map<String, Object> cookies = FacesContext.getCurrentInstance().
                        getExternalContext().getRequestCookieMap();
    // Check if you cookie is available
    // Do some stuff with your cookie
    // Cookie cookie = (Cookie) cookies.get("cookieName");
    credentials.setUsername("myUserName");
  }

  public boolean getDummy() {return false;}
}

Seam 3 doesn't use components.xml to configure components/beans.

I don't think Seam Security 3 (as of 3.0.0.Final) has a built-in 'rememberMe' functionality.