From 7bc8fb4be4c345ef1cefa43540342d2dac65f23c Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Tue, 24 Oct 2017 23:20:24 +0300 Subject: www: delete correct cookie after logout --- .../main/java/com/juick/www/configuration/WebSecurityConfig.java | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java b/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java index d19ad37d..3dc7bc76 100644 --- a/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java +++ b/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java @@ -48,6 +48,8 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Resource private UserService userService; + private final String COOKIE_NAME = "juick-remember-me"; + @Bean("userDetailsService") @Override public UserDetailsService userDetailsServiceBean() throws Exception { @@ -81,7 +83,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { .invalidateHttpSession(true) .logoutUrl("/logout") .logoutSuccessUrl("/login?logout") - .deleteCookies("hash", "remember-me") + .deleteCookies("hash", COOKIE_NAME) .and() .formLogin() .loginPage("/login") @@ -120,7 +122,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { TokenBasedRememberMeServices services = new TokenBasedRememberMeServices( rememberMeKey, userDetailsService()); - services.setCookieName("juick-remember-me"); + services.setCookieName(COOKIE_NAME); services.setCookieDomain(webDomain); services.setAlwaysRemember(true); services.setTokenValiditySeconds(6 * 30 * 24 * 3600); -- cgit v1.2.3