When I make rememberMe
(spring security) active in Hybris, I want rememberMe
users to behave like Hard Login users. I mean, I would like those rememberMe users (soft login) to not face any obstacle like when they want to proceed in the checkout process or something like that. How can I achieve this in SAP Hybris platform?
Your question: How to disable HardLogin for the remember-me user in Hybris?
find the detail explanation here
Change RequireHardLoginBeforeControllerHandler
Change beforeController
method of RequireHardLoginBeforeControllerHandler.java
, so that it always check if remember-me
cookies present in the request and guid
is missing or invalidated then create new guid
without redirecting login page.
Below yourstorefrontRememberMe
needs to change with your storefront name, like mySiteRemmberMe
public static final String SECURE_REMEMBER_ME_COOKIES = "yourstorefrontRememberMe";
@Resource(name = "guidCookieStrategy")
private GUIDCookieStrategy guidCookieStrategy;
@Override
public boolean beforeController(final HttpServletRequest request, final HttpServletResponse response,
final HandlerMethod handler) throws Exception
{
boolean redirect = true;
// We only care if the request is secure
if (request.isSecure())
{
// Check if the handler has our annotation
final RequireHardLogIn annotation = findAnnotation(handler, RequireHardLogIn.class);
if (annotation != null)
{
final String guid = (String) request.getSession().getAttribute(SECURE_GUID_SESSION_KEY);
if ((!getUserService().isAnonymousUser(getUserService().getCurrentUser()) || checkForAnonymousCheckout()) &&
checkForGUIDCookie(request, response, guid))
{
redirect = false;
}
if (redirect)
{
if(isRememberMeCookiePresent(request))
{
// If you find your guid is missing, lets recreate it.
guidCookieStrategy.setCookie(request, response);
return true;
}
else
{
LOG.warn((guid == null ? "missing secure token in session" : "no matching guid cookie") + ", redirecting");
getRedirectStrategy().sendRedirect(request, response, getRedirectUrl(request));
return false;
}
}
}
}
return true;
}
protected boolean isRememberMeCookiePresent(HttpServletRequest request) {
Cookie[] cookies = request.getCookies();
if ((cookies == null) || (cookies.length == 0)) {
return false;
}
for (Cookie cookie : cookies) {
if (SECURE_REMEMBER_ME_COOKIES.equals(cookie.getName())) {
return cookie.getValue() != null;
}
}
return false;
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With