Apache shiro remember me not working

Wed, 08 Oct 2014 18:52:25 -0700 

Im trying to use the rememberme feature from apache shiro, but its not
working.

I have this shiro.ini

[main]
ds = org.apache.shiro.jndi.JndiObjectFactory   
ds.requiredType = javax.sql.DataSource  
ds.resourceName = java:/comp/env/jdbc/myDS


# JDBC realm config  
jdbcRealm = br.com.myproject.web.service.security.JdbcRealmImpl
jdbcRealm.permissionsLookupEnabled = true 
jdbcRealm.authenticationQuery = SELECT password FROM user WHERE username = ?
AND status = 1
jdbcRealm.dataSource = $ds

sha256Matcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
jdbcRealm.credentialsMatcher = $sha256Matcher
securityManager.realms = $jdbcRealm

[urls]
/** = authcBasic
This is my JdbcRealmImpl:

public class JdbcRealmImpl extends JdbcRealm {

    public JdbcRealmImpl() {
        super();
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(
            final AuthenticationToken token) throws AuthenticationException
{

        final AuthenticationInfo info =
super.doGetAuthenticationInfo(token);

        final UserDB userDB = new UserDB();
        final User user = userDB.getUserByUsername((String)
token.getPrincipal());

        return new SimpleAuthenticationInfo(user, info.getCredentials(),
getName());
    }    

}
Since this is a web service project i have a login service:

@POST
@Path("/login")
public Response login(@FormParam("username") final String username,
@FormParam("password") final String password, @FormParam("remember") final
boolean remember) {

    final Subject currentUser = SecurityUtils.getSubject();

    if (!currentUser.isAuthenticated()) {
        final UsernamePasswordToken token = new
UsernamePasswordToken(username, password);
        try {
            token.setRememberMe(remember);
            currentUser.login(token);
        } catch (final AuthenticationException e) {
            return Response.status(Status.BAD_REQUEST).entity("Invalid
user").build();
        }
    }

    return Response.ok().build();
}

The problem is that SecurityUtils.getSubject().isRemembered() always return
false even when i set token.setRememberMe(true);

Is there any configuration that im missing?




--
View this message in context: 
http://shiro-user.582556.n2.nabble.com/Apache-shiro-remember-me-not-working-tp7580273.html
Sent from the Shiro User mailing list archive at Nabble.com.

Reply via email to