org.jboss.seam.security
Class RememberMe

java.lang.Object
  extended by org.jboss.seam.security.RememberMe
All Implemented Interfaces:
Serializable

@Named
@SessionScoped
public class RememberMe
extends Object
implements Serializable

Remember-me functionality is provided by this class, in two different flavours. The first mode provides username-only persistence, and is considered to be secure as the user (or their browser) is still required to provide a password. The second mode provides an auto-login feature; however, it is NOT considered to be secure and is vulnerable to XSS attacks compromising the user's account. Use the auto-login mode with caution!

Author:
Shane Bryzak
See Also:
Serialized Form

Nested Class Summary
static class RememberMe.Mode
           
 
Constructor Summary
RememberMe()
           
 
Method Summary
protected  String encodeToken(String username, String value)
           
protected  String generateTokenValue()
           
 RememberMe.Mode getMode()
           
 TokenStore getTokenStore()
           
 boolean isAutoLoggedIn()
          A flag that an application can use to protect sensitive operations if the user has been auto-authenticated.
 boolean isEnabled()
           
 void quietLogin(QuietLoginEvent event)
           
 void setEnabled(boolean enabled)
           
 void setMode(RememberMe.Mode mode)
           
 void setTokenStore(TokenStore tokenStore)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

RememberMe

public RememberMe()
Method Detail

quietLogin

public void quietLogin(@Observes
                       QuietLoginEvent event)

getMode

public RememberMe.Mode getMode()

setMode

public void setMode(RememberMe.Mode mode)

isEnabled

public boolean isEnabled()

setEnabled

public void setEnabled(boolean enabled)

getTokenStore

public TokenStore getTokenStore()

setTokenStore

public void setTokenStore(TokenStore tokenStore)

isAutoLoggedIn

public boolean isAutoLoggedIn()
A flag that an application can use to protect sensitive operations if the user has been auto-authenticated.
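
One way an application might act on this flag, shown as an added example that is not part of Seam or its documentation: a guard that refuses sensitive operations on an auto-authenticated session until the password has been re-entered. `SensitiveOperationGuard`, `ReauthenticationRequired` and the `BooleanSupplier` wiring are hypothetical names; in a Seam application the supplier would be the injected bean's `isAutoLoggedIn()`.

```java
import java.util.function.BooleanSupplier;

public class StepUpGuardDemo {

    /** Raised when a sensitive operation is attempted on an auto-authenticated session. */
    static class ReauthenticationRequired extends RuntimeException {
        ReauthenticationRequired(String operation) {
            super("Password re-entry required before: " + operation);
        }
    }

    /** Hypothetical guard (not a Seam class), one instance per user session. */
    static class SensitiveOperationGuard {
        // Assumption: in a Seam application this would be rememberMe::isAutoLoggedIn.
        private final BooleanSupplier autoLoggedIn;
        // True once the user has re-entered a verified password in this session.
        private boolean passwordConfirmed;

        SensitiveOperationGuard(BooleanSupplier autoLoggedIn) {
            this.autoLoggedIn = autoLoggedIn;
        }

        /** Call only after the submitted password has been verified. */
        void confirmPassword() {
            passwordConfirmed = true;
        }

        /** Throws unless the session was interactive or the password was re-confirmed. */
        void require(String operation) {
            if (autoLoggedIn.getAsBoolean() && !passwordConfirmed) {
                throw new ReauthenticationRequired(operation);
            }
        }
    }

    public static void main(String[] args) {
        // Constructed scenario: a session that was restored by auto-login.
        SensitiveOperationGuard restored = new SensitiveOperationGuard(() -> true);
        try {
            restored.require("change e-mail address");
        } catch (ReauthenticationRequired e) {
            System.out.println("blocked: " + e.getMessage());
        }
        restored.confirmPassword();
        restored.require("change e-mail address");
        System.out.println("allowed after password re-entry");

        // Constructed scenario: the user typed a password, so no step-up is needed.
        new SensitiveOperationGuard(() -> false).require("change password");
        System.out.println("allowed: interactive login");
    }
}
```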


generateTokenValue

protected String generateTokenValue()

encodeToken

protected String encodeToken(String username,
                             String value)


Copyright © 2011 Seam Framework. All Rights Reserved.