private void cleanSubject(InvocationContext invocationContext, HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws Exception { RememberMeIdentityStore rememberMeIdentityStore = CDI.current().select(RememberMeIdentityStore.class).get(); // TODO ADD CHECKS RememberMe rememberMeAnnotation = getRememberMeFromIntercepted(getElProcessor(invocationContext, httpMessageContext), invocationContext); Cookie rememberMeCookie = getCookie(request, rememberMeAnnotation.cookieName()); if (rememberMeCookie != null) { // There's a remember me cookie, remove the cookie removeCookie(request, response, rememberMeAnnotation.cookieName()); // And remove the token (and with it the authenticated identity) from the store rememberMeIdentityStore.removeLoginToken(rememberMeCookie.getValue()); } invocationContext.proceed(); }
CredentialValidationResult result = rememberMeIdentityStore.validate( new RememberMeCredential(rememberMeCookie.getValue()) ); String token = rememberMeIdentityStore.generateLoginToken( toCallerPrincipal(httpMessageContext.getCallerPrincipal()), httpMessageContext.getGroups()
CredentialValidationResult result = rememberMeIdentityStore.validate( new RememberMeCredential(rememberMeCookie.getValue()) ); String token = rememberMeIdentityStore.generateLoginToken( toCallerPrincipal(httpMessageContext.getCallerPrincipal()), httpMessageContext.getGroups()
private void cleanSubject(InvocationContext invocationContext, HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws Exception { RememberMeIdentityStore rememberMeIdentityStore = CDI.current().select(RememberMeIdentityStore.class).get(); // TODO ADD CHECKS RememberMe rememberMeAnnotation = getRememberMeFromIntercepted(getElProcessor(invocationContext, httpMessageContext), invocationContext); Cookie rememberMeCookie = getCookie(request, rememberMeAnnotation.cookieName()); if (rememberMeCookie != null) { // There's a remember me cookie, remove the cookie removeCookie(request, response, rememberMeAnnotation.cookieName()); // And remove the token (and with it the authenticated identity) from the store rememberMeIdentityStore.removeLoginToken(rememberMeCookie.getValue()); } invocationContext.proceed(); }