TokenBasedRememberMeServices2 (Jenkins core 2.165 API)

java.lang.Object
- org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices
- - hudson.security.TokenBasedRememberMeServices2

All Implemented Interfaces:

org.acegisecurity.ui.logout.LogoutHandler, org.acegisecurity.ui.rememberme.RememberMeServices, org.springframework.beans.factory.InitializingBean
```
public class TokenBasedRememberMeServices2
extends org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices
```
TokenBasedRememberMeServices with modification so as not to rely on the user password being available.
This allows remember-me to work with security realms where the password is never available in clear text.

Author:

Kohsuke Kawaguchi

Field Summary

Fields
Modifier and Type	Field and Description
`static boolean`	`SKIP_TOO_FAR_EXPIRATION_DATE_CHECK` Escape hatch for the check on the maximum date for the expiration duration of the remember me cookie

Fields inherited from class org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices
ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, authenticationDetailsSource, DEFAULT_PARAMETER, logger, tokenValiditySeconds

Constructor Summary

Constructors
Constructor and Description

TokenBasedRememberMeServices2()

Constructors
Constructor and Description
`TokenBasedRememberMeServices2()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`org.acegisecurity.Authentication`	`autoLogin(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)`
`protected boolean`	`isTokenExpired(long tokenExpiryTimeMs)` In addition to the expiration requested by the super class, we also check the expiration is not too far in the future.
`void`	`loginSuccess(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.acegisecurity.Authentication successfulAuthentication)`
`protected javax.servlet.http.Cookie`	`makeCancelCookie(javax.servlet.http.HttpServletRequest request)`
`protected String`	`makeTokenSignature(long tokenExpiryTime, org.acegisecurity.userdetails.UserDetails userDetails)`
`protected javax.servlet.http.Cookie`	`makeValidCookie(String tokenValueBase64, javax.servlet.http.HttpServletRequest request, long maxAge)`
`protected String`	`retrievePassword(org.acegisecurity.Authentication successfulAuthentication)`
`void`	`setUserDetailsService(org.acegisecurity.userdetails.UserDetailsService userDetailsService)` Decorate `UserDetailsService` so that we can use information stored in `LastGrantedAuthoritiesProperty`.

Methods inherited from class org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices
afterPropertiesSet, cancelCookie, getCookieName, getKey, getParameter, getTokenValiditySeconds, getUserDetailsService, isAlwaysRemember, isValidUserDetails, loadUserDetails, loginFail, logout, rememberMeRequested, retrieveUserName, setAlwaysRemember, setAuthenticationDetailsSource, setCookieName, setKey, setParameter, setTokenValiditySeconds

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - SKIP_TOO_FAR_EXPIRATION_DATE_CHECK
```
@Restricted(value=org.kohsuke.accmod.restrictions.NoExternalUse.class)
public static boolean SKIP_TOO_FAR_EXPIRATION_DATE_CHECK
```
    Escape hatch for the check on the maximum date for the expiration duration of the remember me cookie
- Constructor Detail
  - TokenBasedRememberMeServices2
```
public TokenBasedRememberMeServices2()
```
- Method Detail
  - setUserDetailsService
```
public void setUserDetailsService(org.acegisecurity.userdetails.UserDetailsService userDetailsService)
```
    Decorate UserDetailsService so that we can use information stored in LastGrantedAuthoritiesProperty. We wrap by ImpersonatingUserDetailsService in other places too, so this is possibly redundant, but there are many AbstractPasswordBasedSecurityRealm.loadUserByUsername(String) implementations that do not do it, so doing it helps retrofit old plugins to benefit from the user impersonation improvements. Plus multiple ImpersonatingUserDetailsService do not incur any real performance penalty.
    
    Overrides:
    
    setUserDetailsService in class org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices
  - makeTokenSignature
```
protected String makeTokenSignature(long tokenExpiryTime,
                                    org.acegisecurity.userdetails.UserDetails userDetails)
```
    Overrides:
    
    makeTokenSignature in class org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices
  - retrievePassword
```
protected String retrievePassword(org.acegisecurity.Authentication successfulAuthentication)
```
    Overrides:
    
    retrievePassword in class org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices
  - loginSuccess
```
public void loginSuccess(javax.servlet.http.HttpServletRequest request,
                         javax.servlet.http.HttpServletResponse response,
                         org.acegisecurity.Authentication successfulAuthentication)
```
    Specified by:
    
    loginSuccess in interface org.acegisecurity.ui.rememberme.RememberMeServices
    
    Overrides:
    
    loginSuccess in class org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices
  - autoLogin
```
public org.acegisecurity.Authentication autoLogin(javax.servlet.http.HttpServletRequest request,
                                                  javax.servlet.http.HttpServletResponse response)
```
    Specified by:
    
    autoLogin in interface org.acegisecurity.ui.rememberme.RememberMeServices
    
    Overrides:
    
    autoLogin in class org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices
  - makeValidCookie
```
protected javax.servlet.http.Cookie makeValidCookie(String tokenValueBase64,
                                                    javax.servlet.http.HttpServletRequest request,
                                                    long maxAge)
```
    Overrides:
    
    makeValidCookie in class org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices
  - makeCancelCookie
```
protected javax.servlet.http.Cookie makeCancelCookie(javax.servlet.http.HttpServletRequest request)
```
    Overrides:
    
    makeCancelCookie in class org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices
  - isTokenExpired
```
protected boolean isTokenExpired(long tokenExpiryTimeMs)
```
    In addition to the expiration requested by the super class, we also check the expiration is not too far in the future. Especially to detect maliciously crafted cookie.
    
    Overrides:
    
    isTokenExpired in class org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices

Class TokenBasedRememberMeServices2

Field Summary

Fields inherited from class org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices

Constructor Summary

Method Summary

Methods inherited from class org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices

Methods inherited from class java.lang.Object

Field Detail

SKIP_TOO_FAR_EXPIRATION_DATE_CHECK

Constructor Detail

TokenBasedRememberMeServices2

Method Detail

setUserDetailsService

makeTokenSignature

retrievePassword

loginSuccess

autoLogin

makeValidCookie

makeCancelCookie

isTokenExpired