스프링 시큐리티 alwaysRemember  = false

설정 내용

  http.rememberMe()
               .key(REMEMBERME_KEY)
               .rememberMeParameter(REMEMBERME_PARAMETER)
               .rememberMeCookieName(REMEMBERME_COOKIENAME)
               .tokenValiditySeconds(60 * 60 * 24 * 7)
               .alwaysRemember(false)
               .tokenRepository(rememberMeTokenRepository)
               .userDetailsService(rememberMeUserService).and();

 

문제

checkbox에 체크를 하고 안하고 에 대해서 rememberme 가 작동하고 안하고 해야하는데 작동을 하지 않아서 원일을 찾아본결과 

login.html코드

<form name="f" action="/login" method="post"	class="form-signin" role="form" onsubmit="return false;">

	<input class="form-control"  name="login_id" type="text" placeholder="<spring:message code="login.form.id"/>" style="margin-bottom:5px;"	autofocus autocomplete="off">
	<input class="form-control"  name="login_password" type="password" placeholder="<spring:message code="login.form.pw"/>" value="">
	<div class="checkbox" style="margin-bottom:13px;">
		<label style="padding-top:5px;">
			<input type="checkbox" id="varsqlRememberMe" name="varsqlRememberMe" value="remember"> Remember me
		</label>
	</div>
	<div style="padding-bottom:10px;">
		<button class="btn btn-lg btn-primary btn-block btn-login" type="button">
			<spring:message code="btn.login" />
		</button>
	</div>

</form>

원인

checkbox 의 value에 값이 있어서 발생한 문제 .

<input type="checkbox" id="varsqlRememberMe" name="varsqlRememberMe" value="remember"> Remember me

해결방안

checkbox 에 value를 삭제 하거나  value="on" 이렇게 추가하면 작동함. 

 

에러 내용. 

Caused by: java.lang.IllegalArgumentException: Can not set rememberMeCookieName and custom rememberMeServices.
	at org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer.validateInput(RememberMeConfigurer.java:306)
	at org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer.init(RememberMeConfigurer.java:270)
	at org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer.init(RememberMeConfigurer.java:80)
	at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.init(AbstractConfiguredSecurityBuilder.java:370)
	at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:324)
	at org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:41)
	at org.springframework.security.config.annotation.web.builders.WebSecurity.performBuild(WebSecurity.java:292)
	at org.springframework.security.config.annotation.web.builders.WebSecurity.performBuild(WebSecurity.java:79)
	at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:333)
	at org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:41)
	at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain(WebSecurityConfiguration.java:104)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154)
	... 27 common frames omitted

설정 내용. 

private void configureRememberMe(HttpSecurity http) throws Exception {
        http.rememberMe()
               .key(REMEMBERME_KEY)
               .rememberMeParameter(REMEMBERME_PARAMETER)
               .rememberMeCookieName(REMEMBERME_COOKIENAME)
               .rememberMeServices(persistentTokenBasedRememberMeServices())
               .tokenValiditySeconds(60 * 60 * 24 * 7)
               .alwaysRemember(true)
               .tokenRepository(rememberMeTokenRepository)
               .userDetailsService(rememberMeUserService);
	}


    @Bean
   	public PersistentTokenBasedRememberMeServices persistentTokenBasedRememberMeServices() {
   	    PersistentTokenBasedRememberMeServices persistenceTokenBasedservice = new PersistentTokenBasedRememberMeServices(REMEMBERME_KEY, userDetailsService(), rememberMeTokenRepository);
   	    persistenceTokenBasedservice.setParameter(REMEMBERME_PARAMETER);
   	    persistenceTokenBasedservice.setAlwaysRemember(false);
   	    persistenceTokenBasedservice.setCookieName(REMEMBERME_COOKIENAME);
   	    persistenceTokenBasedservice.setTokenValiditySeconds(60 * 60 * 24 * 7);		// 토큰 유효시간 1주일 설정
   	    return persistenceTokenBasedservice;
    }

원인 

.rememberMeCookieName(REMEMBERME_COOKIENAME)
.rememberMeServices(persistentTokenBasedRememberMeServices())

설정시 rememberMeServices로 할지 스프링 시큐리트를 가지고 할지를 선택해서 하나만 설정을 해야지 에러가 나지 않는다. 
둘다 하면 에러가 위와 같은 에러 발생.

해결방안. 

rememberMeServices 또는 스프링 설정 둘중 하나를 선택해서 설정하면 해결완료. 

 

private void configureRememberMe(HttpSecurity http) throws Exception {
        http.rememberMe()
               .key(REMEMBERME_KEY)
               .rememberMeParameter(REMEMBERME_PARAMETER)
               .rememberMeCookieName(REMEMBERME_COOKIENAME)
               .alwaysRemember(true)
               .tokenValiditySeconds(60 * 60 * 24 * 7)
               .tokenRepository(tokenRepository())
               .userDetailsService(userDetailsService());
	}

+ Recent posts

티스토리툴바