org.pac4j.play.CallbackController.setRenewSession()

Here are the examples of the java api org.pac4j.play.CallbackController.setRenewSession() taken from open source projects. By voting up you can indicate which examples are most useful and appropriate.

1 Examples 7

14 Source : SecurityModule.java
with Apache License 2.0
from seattle-uat

@Override
protected void configure() {
    // After logging in you are redirected to '/', and auth autorenews.
    CallbackController callbackController = new CallbackController();
    callbackController.setDefaultUrl(routes.HomeController.index().url());
    callbackController.setRenewSession(true);
    bind(CallbackController.clreplaced).toInstance(callbackController);
    // you can logout by hitting the logout endpoint, you'll be redirected to root page.
    LogoutController logoutController = new LogoutController();
    logoutController.setDefaultUrl(routes.HomeController.index().url());
    logoutController.setDestroySession(true);
    bind(LogoutController.clreplaced).toInstance(logoutController);
    // This is a weird one.  :)  The cookie session store refuses to serialize any
    // clreplacedes it doesn't explicitly trust.  A bug in pac4j interacts badly with
    // sbt's autoreload, so we have a little workaround here.  configure() gets called on every
    // startup,
    // but the JAVA_SERIALIZER object is only initialized on initial startup.
    // So, on a second startup, we'll add the UatProfileData a second time.  The
    // trusted clreplacedes set should dedupe UatProfileData against the old UatProfileData,
    // but it's technically a different clreplaced with the same name at that point,
    // which triggers the bug.  So, we just clear the clreplacedes, which will be empty
    // on first startup and will contain the profile on subsequent startups,
    // so that it's always safe to add the profile.
    // We will need to do this for every clreplaced we want to store in the cookie.
    PlayCookieSessionStore.JAVA_SERIALIZER.clearTrustedClreplacedes();
    PlayCookieSessionStore.JAVA_SERIALIZER.addTrustedClreplaced(UatProfileData.clreplaced);
    // We need to use the secret key to generate the encrypter / decrypter for the
    // session store, so that cookies from version n of the application can be
    // read by version n + 1.  This is especially important for dev, otherwise
    // we're going to spend a lot of time deleting cookies.
    Random r = new Random();
    r.setSeed(this.configuration.getString("play.http.secret.key").hashCode());
    byte[] aesKey = new byte[32];
    r.nextBytes(aesKey);
    PlayCookieSessionStore sessionStore = new PlayCookieSessionStore(new ShiroAesDataEncrypter(aesKey));
    bind(SessionStore.clreplaced).toInstance(sessionStore);
}