Versão atual:

Mantenha-me conectado (Remember me) Spring Security 3 e Struts 2 não funciona

Fala pessoal, boa noite. Estou implementando um sisteminha para estudar mais a fundo o spring security e empaquei no ponto do "mantenha-me conectado".

Eu tenho meu checkbox (<input class="Checkbox" name="_spring_security_remember_me" value="" tabindex="4" type="checkbox" /><label for="mantenhaConectado">Mantenha-me conectado</label>) e quando eu o seleciono e faço o login, ocorre tudo numa boa e no banco o Spring grava os dados na tabela persistent_logins (username, series, token e last_used). O problema é que quando fecho o browser e abro novamente, o usuário não está logado, tendo a necessidade de digitar novamente o login e senha dele. Estou usando também o Struts 2, não sei se isso pode interferir.

Aqui está o meu spring-security.xml

<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
    http://www.springframework.org/schema/security
    http://www.springframework.org/schema/security/spring-security-3.1.xsd">

    <http auto-config="true" access-denied-page="/indexInvalido.do?error=2" use-expressions="true">
        <intercept-url pattern="/index.do" access="permitAll" />
        <intercept-url pattern="/professor/*.do" access="hasRole('ROLE_TEACHER')" />

        <remember-me data-source-ref="dataSource"/>

        <form-login login-page="/index.do" default-target-url="/index.do"
            always-use-default-target="true" authentication-failure-url="/indexInvalido.do?error=1" />

        <logout logout-success-url="/index.do" invalidate-session="true" delete-cookies="JSESSIONID,SPRING_SECURITY_REMEMBER_ME_COOKIE"/>
    </http>

    <!-- o atributo users-by-username-query traz as informações do usuário que serão guardadas na sessão do spring security -->
    <authentication-manager>
        <authentication-provider>
            <jdbc-user-service data-source-ref="dataSource"
                users-by-username-query="SELECT usuario_login as username, usuario_senha as password, 'true' as enable FROM usuario WHERE usuario_login=?"
                authorities-by-username-query="select usuario_login as username, CASE usuario_permissao WHEN 'administrador' THEN 'ROLE_ADMIN' WHEN 'professor' THEN 'ROLE_TEACHER' ELSE 'ROLE_USER' END as authority from usuario where usuario_login = ?" />
        </authentication-provider>
    </authentication-manager>
</beans:beans>

Aqui está o meu applicationContext.xml

<?xml version="1.0" encoding="UTF-8"?> 
<beans:beans xmlns:sec="http://www.springframework.org/schema/security"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
       xmlns:beans="http://www.springframework.org/schema/beans"
       xmlns:context="http://www.springframework.org/schema/context" 
       xsi:schemaLocation="http://www.springframework.org/schema/beans 
             http://www.springframework.org/schema/beans/spring-beans-3.0.xsd 
                          http://www.springframework.org/schema/context 
                          http://www.springframework.org/schema/context/spring-context-3.0.xsd
                          http://www.springframework.org/schema/security
                          http://www.springframework.org/schema/security/spring-security-3.0.3.xsd">


    <context:annotation-config/> <!-- Scanner @Autowired -->
    <context:component-scan base-package="br.com.faculdade"/> <!-- Scanner @Repository @Service --> 

    <beans:bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
        <beans:property name="driverClassName" value="com.mysql.jdbc.Driver"/>
        <beans:property name="url" value="jdbc:mysql://localhost:3306/teste"/>
        <beans:property name="username" value="teste"/>
        <beans:property name="password" value="teste"/>
    </beans:bean>

    <beans:bean id="usuarioAction" class="br.com.faculdade.action.UsuarioAction"/>
    <beans:bean id="professorAction" class="br.com.faculdade.action.ProfessorAction"/>
</beans:beans>

E aqui está meu web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
    version="3.0">
    <display-name>Struts 2</display-name>

    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>
            /WEB-INF/applicationContext.xml,
            /WEB-INF/spring-security.xml
        </param-value>
    </context-param>

    <!-- Spring -->
    <!-- Listeners -->
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>

    <!-- Spring Security -->
    <!-- Filters -->
    <filter> 
        <filter-name>springSecurityFilterChain</filter-name> 
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> 
      </filter> 
      <filter-mapping> 
        <filter-name>springSecurityFilterChain</filter-name> 
        <url-pattern>/*</url-pattern>
      </filter-mapping> 

    <!-- Filters -->
    <filter>
        <filter-name>action2-cleanup</filter-name>
        <filter-class>org.apache.struts2.dispatcher.ActionContextCleanUp</filter-class>
    </filter>
    <filter>
        <filter-name>sitemesh</filter-name>
        <filter-class>com.opensymphony.sitemesh.webapp.SiteMeshFilter</filter-class>
    </filter>
    <filter>
        <filter-name>struts2</filter-name>
        <filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
    </filter>
    <filter>
        <filter-name>action2</filter-name>
        <filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsExecuteFilter</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>action2-cleanup</filter-name>
        <url-pattern>/*</url-pattern>
        <dispatcher>REQUEST</dispatcher>
        <dispatcher>FORWARD</dispatcher>
    </filter-mapping>

    <filter-mapping>
        <filter-name>sitemesh</filter-name>
        <url-pattern>/*</url-pattern>
        <dispatcher>REQUEST</dispatcher>
        <dispatcher>FORWARD</dispatcher>
    </filter-mapping>

    <filter-mapping>
        <filter-name>struts2</filter-name>
        <url-pattern>/*</url-pattern>
        <dispatcher>REQUEST</dispatcher>
        <dispatcher>FORWARD</dispatcher>
    </filter-mapping>

    <filter-mapping>
        <filter-name>action2</filter-name>
        <url-pattern>/*</url-pattern>
        <dispatcher>REQUEST</dispatcher>
        <dispatcher>FORWARD</dispatcher>
    </filter-mapping>

    <!-- Listeners -->
    <!-- <listener>
        <listener-class>org.apache.struts2.tiles.StrutsTilesListener</listener-class>
    </listener> -->
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>
    <listener>
        <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
    </listener>

    <welcome-file-list>
        <welcome-file>/WEB-INF/redirect.jsp</welcome-file>
    </welcome-file-list> 
</web-app>

O que está faltando para conseguir fazer com que meu usuário permaneça logado mesmo quando ele fecha o browser?!

Versão(1):

Ver a versão formatada

Mantenha-me conectado (Remember me) Spring Security 3 e Struts 2 não funciona

  • criado 17 de set de 2013

Comentário

new question