This content has been marked as final.
Show 2 replies
-
1. Re: Token-based Remember-me Auth-bad cookie value?
piotrp Mar 14, 2009 3:11 PM (in response to piotrp)If anyone is interested, I solved the problem by overriding default rememberMe component:
@Name("org.jboss.seam.security.rememberMe") @Scope(SESSION) @Install(precedence = APPLICATION, classDependencies = "javax.faces.context.FacesContext") @BypassInterceptors public class MyRememberMe extends RememberMe { protected String generateTokenValue() { StringBuilder sb = new StringBuilder(); Random random = new Random(); sb.append(random.nextLong()); return sb.toString(); } }
Regards,
Piotr -
2. Re: Token-based Remember-me Auth-bad cookie value?
martindolhs Oct 1, 2010 10:07 AM (in response to piotrp)The previous Tip did not work for me. I found out that the encoded string sometimes contained a newline. This is not allowed for the cookie value. Workaround:
@Name("org.jboss.seam.security.rememberMe") @Scope(SESSION) @Install(precedence = APPLICATION, classDependencies = "javax.faces.context.FacesContext") @BypassInterceptors public class MyRememberMe extends RememberMe { public String encodeToken(String username, String value) { StringBuilder sb = new StringBuilder(); sb.append(username); sb.append(":"); sb.append(value); return Base64.encodeBytes(sb.toString().getBytes(), Base64.DONT_BREAK_LINES); } }
-Martin