diff options
author | Vitaly Takmazov | 2017-12-14 16:09:27 +0300 |
---|---|---|
committer | Vitaly Takmazov | 2017-12-14 16:09:46 +0300 |
commit | f84c1e7eac95ee3187885ddea80a4ff2085c0689 (patch) | |
tree | 3ce5ebba3980a8fffe155b5f53fc589ddd0721cf /juick-server-web/src/main/java | |
parent | 6593a618e9ba4cbdbe86fcaefab2492917c2276f (diff) |
spring-security: remember-me token was not generated properly in hash filter
Diffstat (limited to 'juick-server-web/src/main/java')
-rw-r--r-- | juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java b/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java index ed24fc00..e8ea0492 100644 --- a/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java +++ b/juick-server-web/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java @@ -69,8 +69,9 @@ public class HashParamAuthenticationFilter extends OncePerRequestFilter { User user = userService.getUserByHash(hash); if (!user.isAnonymous()) { + User userWithPassword = userService.getFullyUserByName(user.getName()); Authentication authentication = new RememberMeAuthenticationToken( - ((AbstractRememberMeServices)rememberMeServices).getKey(), new JuickUser(user), JuickUser.USER_AUTHORITY); + ((AbstractRememberMeServices)rememberMeServices).getKey(), new JuickUser(userWithPassword), JuickUser.USER_AUTHORITY); SecurityContextHolder.getContext().setAuthentication(authentication); |