Spring security remember me - logging out one PC forgets all other persistent logins on other PCs

StackOverflow https://stackoverflow.com/questions/14895347

Вопрос

Remember-me service definition:

  <security:remember-me services-alias="rememberMeService" data-source-ref="dataSource" user-service-ref="userService"/>

and my persistent_login table (via hibernate) looks like this :

@Column(nullable = false, unique = false, length = 128)
private String username;

@Id
@Column(nullable = false, unique = true, length = 128)
private String series;

@Column(nullable = false, unique = false, length = 128)
private String token;

@Column(nullable = false)
private Date last_used;

How to stop all persistent tokens for one username being deleted when logging out on one computer ?

Это было полезно?

Решение

You'll have to override the logout method of PersistentTokenBasedRememberMeServices. Decode the cookie using the decodeCookie method. The first element of the array returned is the token series which you can use to delete the information for that specific session.

Лицензировано под: CC-BY-SA с атрибуция
Не связан с StackOverflow
scroll top