SEC-1542: Add setter for UserDetailsChecker in AbstractRememberMeServices #1784

Closed
spring-issuemaster opened this Issue Aug 17, 2010 · 3 comments

1 participant

@spring-issuemaster

Sandro Ruch (Migrated from SEC-1542) said:

Currently the AbstractRememberMeServices contains a private variable userDetailsChecker which is initialized with the AccountStatusUserDetailsChecker but there is no way to overwrite this like in the AbstractUserDetailsAuthenticationProvider class (variable preAuthenticationChecks). In addition the two default implementation are not the same.

Improvment:
1: make userDetailsChecker configurable in AbstractRememberMeServices
2: implement the DefaultPreAuthenticationChecks not as private class like the AccountStatusUserDetailsChecker

@spring-issuemaster

Luke Taylor said:

I can certainly add a setter method to AbstractRememberMeServices.

The private classes in AbstractUserDetailsAuthenticationProvider are really an implementation detail for that class, which are directly tied to it. The point is that the messages which are displayed to a user should be tailored depending on whether they have successfully entered their credentials or not. That doesn't apply in a context like remember-me where the token is either accepted as part of a request or rejected outright.

@spring-issuemaster

Sandro Ruch said:

That would be great... also in case of SimpleUrlAuthenticationFailureHandler... we need just to manipulate the defaultFailureUrl (attache a parameter in some case)... if there where a method like in the class LoginUrlAuthenticationEntryPoint (determineUrlToUseForThisRequest) we would be able to just extend from SimpleUrlAuthenticationFailureHandler and overwrite the designated method (getting the defaultFailureUrl). For now we had to copy the whole code (from SimpleUrlAuthenticationFailureHandler and ExceptionMappingAuthenticationFailureHandler) into a new one... not much but also not so nice...

@spring-issuemaster

Luke Taylor said:

Added the setter method.

@spring-issuemaster spring-issuemaster added this to the 3.1.0.M2 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment