Fala pessoal, boa noite. Estou implementando um sisteminha para estudar mais a fundo o spring security e empaquei no ponto do “mantenha-me conectado”.
Eu tenho meu checkbox <input class="Checkbox" name="_spring_security_remember_me" value="" tabindex="4" type="checkbox" /><label for="mantenhaConectado">Mantenha-me conectado</label> e quando eu o seleciono e faço o login, ocorre tudo numa boa e no banco o Spring grava os dados na tabela persistent_logins (username, series, token e last_used). O problema é que quando fecho o browser e abro novamente, o usuário não está logado, tendo a necessidade de digitar novamente o login e senha dele. Estou usando também o Struts 2, não sei se isso pode interferir.
Aqui está o meu spring-security.xml
[code]<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans=“http://www.springframework.org/schema/beans” xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation=“http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd”>
<http auto-config="true" access-denied-page="/indexInvalido.do?error=2" use-expressions="true">
<intercept-url pattern="/index.do" access="permitAll" />
<intercept-url pattern="/professor/*.do" access="hasRole('ROLE_TEACHER')" />
<remember-me data-source-ref="dataSource"/>
<form-login login-page="/index.do" default-target-url="/index.do"
always-use-default-target="true" authentication-failure-url="/indexInvalido.do?error=1" />
<logout logout-success-url="/index.do" invalidate-session="true" delete-cookies="JSESSIONID,SPRING_SECURITY_REMEMBER_ME_COOKIE"/>
</http>
<!-- o atributo users-by-username-query traz as informações do usuário que serão guardadas na sessão do spring security -->
<authentication-manager>
<authentication-provider>
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="SELECT usuario_login as username, usuario_senha as password, 'true' as enable FROM usuario WHERE usuario_login=?"
authorities-by-username-query="select usuario_login as username, CASE usuario_permissao WHEN 'administrador' THEN 'ROLE_ADMIN' WHEN 'professor' THEN 'ROLE_TEACHER' ELSE 'ROLE_USER' END as authority from usuario where usuario_login = ?" />
</authentication-provider>
</authentication-manager>
</beans:beans>[/code]
Aqui está o meu applicationContext.xml
[code]<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns:sec="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation=“http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.3.xsd”>
<context:annotation-config/> <!-- Scanner @Autowired -->
<context:component-scan base-package="br.com.faculdade"/> <!-- Scanner @Repository @Service -->
<beans:bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<beans:property name="driverClassName" value="com.mysql.jdbc.Driver"/>
<beans:property name="url" value="jdbc:mysql://localhost:3306/teste"/>
<beans:property name="username" value="teste"/>
<beans:property name="password" value="teste"/>
</beans:bean>
<beans:bean id="usuarioAction" class="br.com.faculdade.action.UsuarioAction"/>
<beans:bean id="professorAction" class="br.com.faculdade.action.ProfessorAction"/>
</beans:beans>[/code]
E aqui está meu web.xml
[code]<?xml version="1.0" encoding="UTF-8"?>
Struts 2
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext.xml,
/WEB-INF/spring-security.xml
</param-value>
</context-param>
<!-- Spring -->
<!-- Listeners -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- Spring Security -->
<!-- Filters -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Filters -->
<filter>
<filter-name>action2-cleanup</filter-name>
<filter-class>org.apache.struts2.dispatcher.ActionContextCleanUp</filter-class>
</filter>
<filter>
<filter-name>sitemesh</filter-name>
<filter-class>com.opensymphony.sitemesh.webapp.SiteMeshFilter</filter-class>
</filter>
<filter>
<filter-name>struts2</filter-name>
<filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
</filter>
<filter>
<filter-name>action2</filter-name>
<filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsExecuteFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>action2-cleanup</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>sitemesh</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>action2</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<!-- Listeners -->
<!-- <listener>
<listener-class>org.apache.struts2.tiles.StrutsTilesListener</listener-class>
</listener> -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
<welcome-file-list>
<welcome-file>/WEB-INF/redirect.jsp</welcome-file>
</welcome-file-list>
[/code]
O que está faltando para conseguir fazer com que meu usuário permaneça logado mesmo quando ele fecha o browser?!