aboutsummaryrefslogtreecommitdiff
path: root/juick-server-web/src/main/java/com/juick
diff options
context:
space:
mode:
authorGravatar Vitaly Takmazov2017-12-11 23:19:14 +0300
committerGravatar Vitaly Takmazov2017-12-11 23:19:39 +0300
commit6593a618e9ba4cbdbe86fcaefab2492917c2276f (patch)
treefd184c0b0f1bd3857c57c7bd7d907d9a139d79f4 /juick-server-web/src/main/java/com/juick
parent2be12ebce3d600804227f6b74374c8db37921139 (diff)
web: using preconfigured rememberme key in hash auth filter
Diffstat (limited to 'juick-server-web/src/main/java/com/juick')
-rw-r--r--juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java3
1 files changed, 2 insertions, 1 deletions
diff --git a/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java b/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
index d4bd3ec6..ed24fc00 100644
--- a/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
+++ b/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
@@ -25,6 +25,7 @@ import org.springframework.security.authentication.RememberMeAuthenticationToken
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.RememberMeServices;
+import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
import org.springframework.util.Assert;
import org.springframework.web.filter.OncePerRequestFilter;
import org.springframework.web.util.WebUtils;
@@ -69,7 +70,7 @@ public class HashParamAuthenticationFilter extends OncePerRequestFilter {
if (!user.isAnonymous()) {
Authentication authentication = new RememberMeAuthenticationToken(
- hash, new JuickUser(user), JuickUser.USER_AUTHORITY);
+ ((AbstractRememberMeServices)rememberMeServices).getKey(), new JuickUser(user), JuickUser.USER_AUTHORITY);
SecurityContextHolder.getContext().setAuthentication(authentication);