tomee-8.0/javadoc/javax/security/enterprise/authentication/mechanism/http/RememberMe.html - tomee-site-pub - Git at Google

 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <!-- NewPage -->
 <html lang="en">
 <head>
 <title>RememberMe</title>
 <link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="Style">
 <script type="text/javascript" src="../../../../../../script.js"></script>
 </head>
 <body>
 <script type="text/javascript"><!--
     try {
         if (location.href.indexOf('is-external=true') == -1) {
             parent.document.title="RememberMe";
         }
     }
     catch(err) {
     }
 //-->
 </script>
 <noscript>
 <div>JavaScript is disabled on your browser.</div>
 </noscript>
 <!-- ========= START OF TOP NAVBAR ======= -->
 <div class="topNav"><a name="navbar.top">
 <!--   -->
 </a>
 <div class="skipNav"><a href="#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
 <a name="navbar.top.firstrow">
 <!--   -->
 </a>
 <ul class="navList" title="Navigation">
 <li><a href="../../../../../../overview-summary.html">Overview</a></li>
 <li><a href="package-summary.html">Package</a></li>
 <li class="navBarCell1Rev">Class</li>
 <li><a href="package-tree.html">Tree</a></li>
 <li><a href="../../../../../../deprecated-list.html">Deprecated</a></li>
 <li><a href="../../../../../../index-all.html">Index</a></li>
 <li><a href="../../../../../../help-doc.html">Help</a></li>
 </ul>
 </div>
 <div class="subNav">
 <ul class="navList">
 <li><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/LoginToContinue.html" title="annotation in javax.security.enterprise.authentication.mechanism.http"><span class="typeNameLink">Prev&nbsp;Class</span></a></li>
 <li>Next&nbsp;Class</li>
 </ul>
 <ul class="navList">
 <li><a href="../../../../../../index.html?javax/security/enterprise/authentication/mechanism/http/RememberMe.html" target="_top">Frames</a></li>
 <li><a href="RememberMe.html" target="_top">No&nbsp;Frames</a></li>
 </ul>
 <ul class="navList" id="allclasses_navbar_top">
 <li><a href="../../../../../../allclasses-noframe.html">All&nbsp;Classes</a></li>
 </ul>
 <div>
 <script type="text/javascript"><!--
   allClassesLink = document.getElementById("allclasses_navbar_top");
   if(window==top) {
     allClassesLink.style.display = "block";
   }
   else {
     allClassesLink.style.display = "none";
   }
   //-->
 </script>
 </div>
 <div>
 <ul class="subNavList">
 <li>Summary:&nbsp;</li>
 <li>Field&nbsp;|&nbsp;</li>
 <li>Required&nbsp;|&nbsp;</li>
 <li><a href="#annotation.type.optional.element.summary">Optional</a></li>
 </ul>
 <ul class="subNavList">
 <li>Detail:&nbsp;</li>
 <li>Field&nbsp;|&nbsp;</li>
 <li><a href="#annotation.type.element.detail">Element</a></li>
 </ul>
 </div>
 <a name="skip.navbar.top">
 <!--   -->
 </a></div>
 <!-- ========= END OF TOP NAVBAR ========= -->
 <!-- ======== START OF CLASS DATA ======== -->
 <div class="header">
 <div class="subTitle">javax.security.enterprise.authentication.mechanism.http</div>
 <h2 title="Annotation Type RememberMe" class="title">Annotation Type RememberMe</h2>
 </div>
 <div class="contentContainer">
 <div class="description">
 <ul class="blockList">
 <li class="blockList">
 <hr>
 <br>
 <pre>@Inherited
  <a href="../../../../../../javax/interceptor/InterceptorBinding.html" title="annotation in javax.interceptor">@InterceptorBinding</a>
  @Retention(value=RUNTIME)
  @Target(value=TYPE)
 public @interface <span class="memberNameLabel">RememberMe</span></pre>
 <div class="block">The RememberMe annotation provides an application the ability to declaratively designate
  that an authentication mechanism effectively "remembers" the authentication and auto
  applies this with every request.

  <p>
  For the remember me function the credentials provided by the caller are exchanged for a (long-lived) token
  which is send to the user as the value of a cookie, in a similar way to how the HTTP session ID is send.
  It should be realized that this token effectively becomes the credential to establish the caller's
  identity within the application and care should be taken to handle and store the token securely. E.g.
  by using this feature with a secure transport (SSL/HTTPS), storing a strong hash instead of the actual
  token, and implementing an expiration policy.

  <p>
  The token is vended by a special purpose <a href="../../../../../../javax/security/enterprise/identitystore/IdentityStore.html" title="interface in javax.security.enterprise.identitystore"><code>IdentityStore</code></a>-like artifact; an implementation of the
  <a href="../../../../../../javax/security/enterprise/identitystore/RememberMeIdentityStore.html" title="interface in javax.security.enterprise.identitystore"><code>RememberMeIdentityStore</code></a>.

  <p>
  This support is provided via an implementation of an interceptor spec interceptor that conducts the
  necessary logic.

  <p>
  Example:

  <pre>
  <code>
       @RequestScoped
       @RememberMe
      public class CustomAuthenticationMechanism implements HttpAuthenticationMechanism {
          // ...
      }
  </code>
  </pre>

  <p>
  EL expressions in attributes of type <code>String</code> are evaluated for every request requiring
  authentication. Both immediate and deferred syntax is supported, but effectively the semantics
  are always deferred.

  <p>
  <b>Note:</b> this facility <em>DOES NOT</em> constitute any kind of "session management" system, but instead
  represents a special purpose authentication mechanism using a long-lived token, that is vended and validated by the
  <a href="../../../../../../javax/security/enterprise/identitystore/RememberMeIdentityStore.html" title="interface in javax.security.enterprise.identitystore"><code>RememberMeIdentityStore</code></a>.</div>
 </li>
 </ul>
 </div>
 <div class="summary">
 <ul class="blockList">
 <li class="blockList">
 <!-- =========== ANNOTATION TYPE OPTIONAL MEMBER SUMMARY =========== -->
 <ul class="blockList">
 <li class="blockList"><a name="annotation.type.optional.element.summary">
 <!--   -->
 </a>
 <h3>Optional Element Summary</h3>
 <table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Optional Element Summary table, listing optional elements, and an explanation">
 <caption><span>Optional Elements</span><span class="tabEnd">&nbsp;</span></caption>
 <tr>
 <th class="colFirst" scope="col">Modifier and Type</th>
 <th class="colLast" scope="col">Optional Element and Description</th>
 </tr>
 <tr class="altColor">
 <td class="colFirst"><code>boolean</code></td>
 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/RememberMe.html#cookieHttpOnly--">cookieHttpOnly</a></span></code>
 <div class="block">Flag to indicate that the remember me cookie should not be exposed to
  client-side scripting code, and should only be sent with HTTP requests.</div>
 </td>
 </tr>
 <tr class="rowColor">
 <td class="colFirst"><code>java.lang.String</code></td>
 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/RememberMe.html#cookieHttpOnlyExpression--">cookieHttpOnlyExpression</a></span></code>
 <div class="block">EL expression variant of <code>cookieHttpOnly()</code>.</div>
 </td>
 </tr>
 <tr class="altColor">
 <td class="colFirst"><code>int</code></td>
 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/RememberMe.html#cookieMaxAgeSeconds--">cookieMaxAgeSeconds</a></span></code>
 <div class="block">Max age in seconds for the remember me cookie.</div>
 </td>
 </tr>
 <tr class="rowColor">
 <td class="colFirst"><code>java.lang.String</code></td>
 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/RememberMe.html#cookieMaxAgeSecondsExpression--">cookieMaxAgeSecondsExpression</a></span></code>
 <div class="block">EL expression variant of <code>cookieMaxAgeSeconds()</code>.</div>
 </td>
 </tr>
 <tr class="altColor">
 <td class="colFirst"><code>java.lang.String</code></td>
 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/RememberMe.html#cookieName--">cookieName</a></span></code>
 <div class="block">Name of the remember me cookie.</div>
 </td>
 </tr>
 <tr class="rowColor">
 <td class="colFirst"><code>boolean</code></td>
 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/RememberMe.html#cookieSecureOnly--">cookieSecureOnly</a></span></code>
 <div class="block">Flag to indicate that the remember me cookie should only be
  sent using a secure protocol (e.g.</div>
 </td>
 </tr>
 <tr class="altColor">
 <td class="colFirst"><code>java.lang.String</code></td>
 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/RememberMe.html#cookieSecureOnlyExpression--">cookieSecureOnlyExpression</a></span></code>
 <div class="block">EL expression variant of <code>cookieSecureOnly()</code>.</div>
 </td>
 </tr>
 <tr class="rowColor">
 <td class="colFirst"><code>boolean</code></td>
 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/RememberMe.html#isRememberMe--">isRememberMe</a></span></code>
 <div class="block">Flag to determine if remember me should be used.</div>
 </td>
 </tr>
 <tr class="altColor">
 <td class="colFirst"><code>java.lang.String</code></td>
 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/RememberMe.html#isRememberMeExpression--">isRememberMeExpression</a></span></code>
 <div class="block">EL expression to determine if remember me should be used.</div>
 </td>
 </tr>
 </table>
 </li>
 </ul>
 </li>
 </ul>
 </div>
 <div class="details">
 <ul class="blockList">
 <li class="blockList">
 <!-- ============ ANNOTATION TYPE MEMBER DETAIL =========== -->
 <ul class="blockList">
 <li class="blockList"><a name="annotation.type.element.detail">
 <!--   -->
 </a>
 <h3>Element Detail</h3>
 <a name="cookieMaxAgeSeconds--">
 <!--   -->
 </a>
 <ul class="blockList">
 <li class="blockList">
 <h4>cookieMaxAgeSeconds</h4>
 <pre>public abstract&nbsp;int&nbsp;cookieMaxAgeSeconds</pre>
 <div class="block">Max age in seconds for the remember me cookie.
  Defaults to one day.</div>
 <dl>
 <dt><span class="returnLabel">Returns:</span></dt>
 <dd>Max age in seconds</dd>
 <dt><span class="seeLabel">See Also:</span></dt>
 <dd><a href="../../../../../../javax/servlet/http/Cookie.html#setMaxAge-int-"><code>Cookie.setMaxAge(int)</code></a></dd>
 </dl>
 <dl>
 <dt>Default:</dt>
 <dd>86400</dd>
 </dl>
 </li>
 </ul>
 </li>
 </ul>
 <ul class="blockList">
 <li class="blockList"><a name="cookieMaxAgeSecondsExpression--">
 <!--   -->
 </a>
 <ul class="blockList">
 <li class="blockList">
 <h4>cookieMaxAgeSecondsExpression</h4>
 <pre>public abstract&nbsp;java.lang.String&nbsp;cookieMaxAgeSecondsExpression</pre>
 <div class="block">EL expression variant of <code>cookieMaxAgeSeconds()</code>.
  The expression needs to evaluate to an integer outcome. All named CDI beans are available to the expression
  as well as default classes as specified by EL 3.0 for the <code>ELProcessor</code>
  and the implicit objects "self" which refers to the interceptor target and
  "httpMessageContext" which refers to the current <a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/HttpMessageContext.html" title="interface in javax.security.enterprise.authentication.mechanism.http"><code>HttpMessageContext</code></a>.
  If both this attribute and <code>cookieMaxAgeSeconds()</code> are specified, this
  attribute takes precedence.</div>
 <dl>
 <dt><span class="returnLabel">Returns:</span></dt>
 <dd>an expression evaluating to an integer designating the max age in seconds for the remember me cookie.</dd>
 </dl>
 <dl>
 <dt>Default:</dt>
 <dd>""</dd>
 </dl>
 </li>
 </ul>
 </li>
 </ul>
 <ul class="blockList">
 <li class="blockList"><a name="cookieSecureOnly--">
 <!--   -->
 </a>
 <ul class="blockList">
 <li class="blockList">
 <h4>cookieSecureOnly</h4>
 <pre>public abstract&nbsp;boolean&nbsp;cookieSecureOnly</pre>
 <div class="block">Flag to indicate that the remember me cookie should only be
  sent using a secure protocol (e.g. HTTPS or SSL).</div>
 <dl>
 <dt><span class="returnLabel">Returns:</span></dt>
 <dd>true if the cookie should be sent using a secure protocol only
  false for any protocol.</dd>
 <dt><span class="seeLabel">See Also:</span></dt>
 <dd><a href="../../../../../../javax/servlet/http/Cookie.html#setSecure-boolean-"><code>Cookie.setSecure(boolean)</code></a></dd>
 </dl>
 <dl>
 <dt>Default:</dt>
 <dd>true</dd>
 </dl>
 </li>
 </ul>
 </li>
 </ul>
 <ul class="blockList">
 <li class="blockList"><a name="cookieSecureOnlyExpression--">
 <!--   -->
 </a>
 <ul class="blockList">
 <li class="blockList">
 <h4>cookieSecureOnlyExpression</h4>
 <pre>public abstract&nbsp;java.lang.String&nbsp;cookieSecureOnlyExpression</pre>
 <div class="block">EL expression variant of <code>cookieSecureOnly()</code>.
  The expression needs to evaluate to a boolean outcome. All named CDI beans are available to the expression
  as well as default classes as specified by EL 3.0 for the <code>ELProcessor</code>
  and the implicit objects "self" which refers to the interceptor target and
  "httpMessageContext" which refers to the current <a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/HttpMessageContext.html" title="interface in javax.security.enterprise.authentication.mechanism.http"><code>HttpMessageContext</code></a>.
  If both this attribute and <code>cookieSecureOnly()</code> are specified, this
  attribute takes precedence.</div>
 <dl>
 <dt><span class="returnLabel">Returns:</span></dt>
 <dd>an expression evaluating to an integer designating the max age in seconds for the remember me cookie.</dd>
 </dl>
 <dl>
 <dt>Default:</dt>
 <dd>""</dd>
 </dl>
 </li>
 </ul>
 </li>
 </ul>
 <ul class="blockList">
 <li class="blockList"><a name="cookieHttpOnly--">
 <!--   -->
 </a>
 <ul class="blockList">
 <li class="blockList">
 <h4>cookieHttpOnly</h4>
 <pre>public abstract&nbsp;boolean&nbsp;cookieHttpOnly</pre>
 <div class="block">Flag to indicate that the remember me cookie should not be exposed to
  client-side scripting code, and should only be sent with HTTP requests.</div>
 <dl>
 <dt><span class="returnLabel">Returns:</span></dt>
 <dd>true if the cookie should be sent only with HTTP requests
  (and not be made available to client-side scripting code), false otherwise.</dd>
 <dt><span class="seeLabel">See Also:</span></dt>
 <dd><a href="../../../../../../javax/servlet/http/Cookie.html#setHttpOnly-boolean-"><code>Cookie.setHttpOnly(boolean)</code></a></dd>
 </dl>
 <dl>
 <dt>Default:</dt>
 <dd>true</dd>
 </dl>
 </li>
 </ul>
 </li>
 </ul>
 <ul class="blockList">
 <li class="blockList"><a name="cookieHttpOnlyExpression--">
 <!--   -->
 </a>
 <ul class="blockList">
 <li class="blockList">
 <h4>cookieHttpOnlyExpression</h4>
 <pre>public abstract&nbsp;java.lang.String&nbsp;cookieHttpOnlyExpression</pre>
 <div class="block">EL expression variant of <code>cookieHttpOnly()</code>.
  The expression needs to evaluate to a boolean outcome. All named CDI beans are available to the expression
  as well as default classes as specified by EL 3.0 for the <code>ELProcessor</code>
  and the implicit objects "self" which refers to the interceptor target and
  "httpMessageContext" which refers to the current <a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/HttpMessageContext.html" title="interface in javax.security.enterprise.authentication.mechanism.http"><code>HttpMessageContext</code></a>.
  If both this attribute and <code>cookieHttpOnly()</code> are specified, this
  attribute takes precedence.</div>
 <dl>
 <dt><span class="returnLabel">Returns:</span></dt>
 <dd>an expression evaluating to true if the cookie should be sent only with HTTP requests , false otherwise.</dd>
 </dl>
 <dl>
 <dt>Default:</dt>
 <dd>""</dd>
 </dl>
 </li>
 </ul>
 </li>
 </ul>
 <ul class="blockList">
 <li class="blockList"><a name="cookieName--">
 <!--   -->
 </a>
 <ul class="blockList">
 <li class="blockList">
 <h4>cookieName</h4>
 <pre>public abstract&nbsp;java.lang.String&nbsp;cookieName</pre>
 <div class="block">Name of the remember me cookie.</div>
 <dl>
 <dt><span class="returnLabel">Returns:</span></dt>
 <dd>The name of the cookie</dd>
 <dt><span class="seeLabel">See Also:</span></dt>
 <dd><a href="../../../../../../javax/servlet/http/Cookie.html#getName--"><code>Cookie.getName()</code></a></dd>
 </dl>
 <dl>
 <dt>Default:</dt>
 <dd>"JREMEMBERMEID"</dd>
 </dl>
 </li>
 </ul>
 </li>
 </ul>
 <ul class="blockList">
 <li class="blockList"><a name="isRememberMe--">
 <!--   -->
 </a>
 <ul class="blockList">
 <li class="blockList">
 <h4>isRememberMe</h4>
 <pre>public abstract&nbsp;boolean&nbsp;isRememberMe</pre>
 <div class="block">Flag to determine if remember me should be used.</div>
 <dl>
 <dt><span class="returnLabel">Returns:</span></dt>
 <dd>Flag to determine if remember me should be used</dd>
 </dl>
 <dl>
 <dt>Default:</dt>
 <dd>true</dd>
 </dl>
 </li>
 </ul>
 </li>
 </ul>
 <ul class="blockList">
 <li class="blockList"><a name="isRememberMeExpression--">
 <!--   -->
 </a>
 <ul class="blockListLast">
 <li class="blockList">
 <h4>isRememberMeExpression</h4>
 <pre>public abstract&nbsp;java.lang.String&nbsp;isRememberMeExpression</pre>
 <div class="block">EL expression to determine if remember me should be used. This is evaluated
  for every request requiring authentication. The expression needs to evaluate
  to a boolean outcome. All named CDI beans are available to the expression
  as well as default classes as specified by EL 3.0 for the <code>ELProcessor</code>
  and the implicit objects "self" which refers to the interceptor target and
  "httpMessageContext" which refers to the current <a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/HttpMessageContext.html" title="interface in javax.security.enterprise.authentication.mechanism.http"><code>HttpMessageContext</code></a>.</div>
 <dl>
 <dt><span class="returnLabel">Returns:</span></dt>
 <dd>EL expression to determine if remember me should be used</dd>
 </dl>
 <dl>
 <dt>Default:</dt>
 <dd>""</dd>
 </dl>
 </li>
 </ul>
 </li>
 </ul>
 </li>
 </ul>
 </div>
 </div>
 <!-- ========= END OF CLASS DATA ========= -->
 <!-- ======= START OF BOTTOM NAVBAR ====== -->
 <div class="bottomNav"><a name="navbar.bottom">
 <!--   -->
 </a>
 <div class="skipNav"><a href="#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
 <a name="navbar.bottom.firstrow">
 <!--   -->
 </a>
 <ul class="navList" title="Navigation">
 <li><a href="../../../../../../overview-summary.html">Overview</a></li>
 <li><a href="package-summary.html">Package</a></li>
 <li class="navBarCell1Rev">Class</li>
 <li><a href="package-tree.html">Tree</a></li>
 <li><a href="../../../../../../deprecated-list.html">Deprecated</a></li>
 <li><a href="../../../../../../index-all.html">Index</a></li>
 <li><a href="../../../../../../help-doc.html">Help</a></li>
 </ul>
 </div>
 <div class="subNav">
 <ul class="navList">
 <li><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/LoginToContinue.html" title="annotation in javax.security.enterprise.authentication.mechanism.http"><span class="typeNameLink">Prev&nbsp;Class</span></a></li>
 <li>Next&nbsp;Class</li>
 </ul>
 <ul class="navList">
 <li><a href="../../../../../../index.html?javax/security/enterprise/authentication/mechanism/http/RememberMe.html" target="_top">Frames</a></li>
 <li><a href="RememberMe.html" target="_top">No&nbsp;Frames</a></li>
 </ul>
 <ul class="navList" id="allclasses_navbar_bottom">
 <li><a href="../../../../../../allclasses-noframe.html">All&nbsp;Classes</a></li>
 </ul>
 <div>
 <script type="text/javascript"><!--
   allClassesLink = document.getElementById("allclasses_navbar_bottom");
   if(window==top) {
     allClassesLink.style.display = "block";
   }
   else {
     allClassesLink.style.display = "none";
   }
   //-->
 </script>
 </div>
 <div>
 <ul class="subNavList">
 <li>Summary:&nbsp;</li>
 <li>Field&nbsp;|&nbsp;</li>
 <li>Required&nbsp;|&nbsp;</li>
 <li><a href="#annotation.type.optional.element.summary">Optional</a></li>
 </ul>
 <ul class="subNavList">
 <li>Detail:&nbsp;</li>
 <li>Field&nbsp;|&nbsp;</li>
 <li><a href="#annotation.type.element.detail">Element</a></li>
 </ul>
 </div>
 <a name="skip.navbar.bottom">
 <!--   -->
 </a></div>
 <!-- ======== END OF BOTTOM NAVBAR ======= -->
 </body>
 </html>
	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
	<!-- NewPage -->
	<html lang="en">
	<head>
	<title>RememberMe</title>
	<link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="Style">
	<script type="text/javascript" src="../../../../../../script.js"></script>
	</head>
	<body>
	<script type="text/javascript"><!--
	try {
	if (location.href.indexOf('is-external=true') == -1) {
	parent.document.title="RememberMe";
	}
	}
	catch(err) {
	}
	//-->
	</script>
	<noscript>
	<div>JavaScript is disabled on your browser.</div>
	</noscript>
	<!-- ========= START OF TOP NAVBAR ======= -->
	<div class="topNav"><a name="navbar.top">
	<!-- -->
	</a>
	<div class="skipNav"><a href="#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
	<a name="navbar.top.firstrow">
	<!-- -->
	</a>
	<ul class="navList" title="Navigation">
	<li><a href="../../../../../../overview-summary.html">Overview</a></li>
	<li><a href="package-summary.html">Package</a></li>
	<li class="navBarCell1Rev">Class</li>
	<li><a href="package-tree.html">Tree</a></li>
	<li><a href="../../../../../../deprecated-list.html">Deprecated</a></li>
	<li><a href="../../../../../../index-all.html">Index</a></li>
	<li><a href="../../../../../../help-doc.html">Help</a></li>
	</ul>
	</div>
	<div class="subNav">
	<ul class="navList">
	<li><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/LoginToContinue.html" title="annotation in javax.security.enterprise.authentication.mechanism.http"><span class="typeNameLink">Prev Class</span></a></li>
	<li>Next Class</li>
	</ul>
	<ul class="navList">
	<li><a href="../../../../../../index.html?javax/security/enterprise/authentication/mechanism/http/RememberMe.html" target="_top">Frames</a></li>
	<li><a href="RememberMe.html" target="_top">No Frames</a></li>
	</ul>
	<ul class="navList" id="allclasses_navbar_top">
	<li><a href="../../../../../../allclasses-noframe.html">All Classes</a></li>
	</ul>
	<div>
	<script type="text/javascript"><!--
	allClassesLink = document.getElementById("allclasses_navbar_top");
	if(window==top) {
	allClassesLink.style.display = "block";
	}
	else {
	allClassesLink.style.display = "none";
	}
	//-->
	</script>
	</div>
	<div>
	<ul class="subNavList">
	<li>Summary: </li>
	<li>Field \| </li>
	<li>Required \| </li>
	<li><a href="#annotation.type.optional.element.summary">Optional</a></li>
	</ul>
	<ul class="subNavList">
	<li>Detail: </li>
	<li>Field \| </li>
	<li><a href="#annotation.type.element.detail">Element</a></li>
	</ul>
	</div>
	<a name="skip.navbar.top">
	<!-- -->
	</a></div>
	<!-- ========= END OF TOP NAVBAR ========= -->
	<!-- ======== START OF CLASS DATA ======== -->
	<div class="header">
	<div class="subTitle">javax.security.enterprise.authentication.mechanism.http</div>
	<h2 title="Annotation Type RememberMe" class="title">Annotation Type RememberMe</h2>
	</div>
	<div class="contentContainer">
	<div class="description">
	<ul class="blockList">
	<li class="blockList">
	<hr>
	<br>
	<pre>@Inherited
	<a href="../../../../../../javax/interceptor/InterceptorBinding.html" title="annotation in javax.interceptor">@InterceptorBinding</a>
	@Retention(value=RUNTIME)
	@Target(value=TYPE)
	public @interface <span class="memberNameLabel">RememberMe</span></pre>
	<div class="block">The RememberMe annotation provides an application the ability to declaratively designate
	that an authentication mechanism effectively "remembers" the authentication and auto
	applies this with every request.

	<p>
	For the remember me function the credentials provided by the caller are exchanged for a (long-lived) token
	which is send to the user as the value of a cookie, in a similar way to how the HTTP session ID is send.
	It should be realized that this token effectively becomes the credential to establish the caller's
	identity within the application and care should be taken to handle and store the token securely. E.g.
	by using this feature with a secure transport (SSL/HTTPS), storing a strong hash instead of the actual
	token, and implementing an expiration policy.

	<p>
	The token is vended by a special purpose <a href="../../../../../../javax/security/enterprise/identitystore/IdentityStore.html" title="interface in javax.security.enterprise.identitystore"><code>IdentityStore</code></a>-like artifact; an implementation of the
	<a href="../../../../../../javax/security/enterprise/identitystore/RememberMeIdentityStore.html" title="interface in javax.security.enterprise.identitystore"><code>RememberMeIdentityStore</code></a>.

	<p>
	This support is provided via an implementation of an interceptor spec interceptor that conducts the
	necessary logic.

	<p>
	Example:

	<pre>
	<code>
	@RequestScoped
	@RememberMe
	public class CustomAuthenticationMechanism implements HttpAuthenticationMechanism {
	// ...
	}
	</code>
	</pre>

	<p>
	EL expressions in attributes of type <code>String</code> are evaluated for every request requiring
	authentication. Both immediate and deferred syntax is supported, but effectively the semantics
	are always deferred.

	<p>
	<b>Note:</b> this facility <em>DOES NOT</em> constitute any kind of "session management" system, but instead
	represents a special purpose authentication mechanism using a long-lived token, that is vended and validated by the
	<a href="../../../../../../javax/security/enterprise/identitystore/RememberMeIdentityStore.html" title="interface in javax.security.enterprise.identitystore"><code>RememberMeIdentityStore</code></a>.</div>
	</li>
	</ul>
	</div>
	<div class="summary">
	<ul class="blockList">
	<li class="blockList">
	<!-- =========== ANNOTATION TYPE OPTIONAL MEMBER SUMMARY =========== -->
	<ul class="blockList">
	<li class="blockList"><a name="annotation.type.optional.element.summary">
	<!-- -->
	</a>
	<h3>Optional Element Summary</h3>
	<table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Optional Element Summary table, listing optional elements, and an explanation">
	<caption><span>Optional Elements</span><span class="tabEnd"> </span></caption>
	<tr>
	<th class="colFirst" scope="col">Modifier and Type</th>
	<th class="colLast" scope="col">Optional Element and Description</th>
	</tr>
	<tr class="altColor">
	<td class="colFirst"><code>boolean</code></td>
	<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/RememberMe.html#cookieHttpOnly--">cookieHttpOnly</a></span></code>
	<div class="block">Flag to indicate that the remember me cookie should not be exposed to
	client-side scripting code, and should only be sent with HTTP requests.</div>
	</td>
	</tr>
	<tr class="rowColor">
	<td class="colFirst"><code>java.lang.String</code></td>
	<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/RememberMe.html#cookieHttpOnlyExpression--">cookieHttpOnlyExpression</a></span></code>
	<div class="block">EL expression variant of <code>cookieHttpOnly()</code>.</div>
	</td>
	</tr>
	<tr class="altColor">
	<td class="colFirst"><code>int</code></td>
	<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/RememberMe.html#cookieMaxAgeSeconds--">cookieMaxAgeSeconds</a></span></code>
	<div class="block">Max age in seconds for the remember me cookie.</div>
	</td>
	</tr>
	<tr class="rowColor">
	<td class="colFirst"><code>java.lang.String</code></td>
	<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/RememberMe.html#cookieMaxAgeSecondsExpression--">cookieMaxAgeSecondsExpression</a></span></code>
	<div class="block">EL expression variant of <code>cookieMaxAgeSeconds()</code>.</div>
	</td>
	</tr>
	<tr class="altColor">
	<td class="colFirst"><code>java.lang.String</code></td>
	<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/RememberMe.html#cookieName--">cookieName</a></span></code>
	<div class="block">Name of the remember me cookie.</div>
	</td>
	</tr>
	<tr class="rowColor">
	<td class="colFirst"><code>boolean</code></td>
	<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/RememberMe.html#cookieSecureOnly--">cookieSecureOnly</a></span></code>
	<div class="block">Flag to indicate that the remember me cookie should only be
	sent using a secure protocol (e.g.</div>
	</td>
	</tr>
	<tr class="altColor">
	<td class="colFirst"><code>java.lang.String</code></td>
	<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/RememberMe.html#cookieSecureOnlyExpression--">cookieSecureOnlyExpression</a></span></code>
	<div class="block">EL expression variant of <code>cookieSecureOnly()</code>.</div>
	</td>
	</tr>
	<tr class="rowColor">
	<td class="colFirst"><code>boolean</code></td>
	<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/RememberMe.html#isRememberMe--">isRememberMe</a></span></code>
	<div class="block">Flag to determine if remember me should be used.</div>
	</td>
	</tr>
	<tr class="altColor">
	<td class="colFirst"><code>java.lang.String</code></td>
	<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/RememberMe.html#isRememberMeExpression--">isRememberMeExpression</a></span></code>
	<div class="block">EL expression to determine if remember me should be used.</div>
	</td>
	</tr>
	</table>
	</li>
	</ul>
	</li>
	</ul>
	</div>
	<div class="details">
	<ul class="blockList">
	<li class="blockList">
	<!-- ============ ANNOTATION TYPE MEMBER DETAIL =========== -->
	<ul class="blockList">
	<li class="blockList"><a name="annotation.type.element.detail">
	<!-- -->
	</a>
	<h3>Element Detail</h3>
	<a name="cookieMaxAgeSeconds--">
	<!-- -->
	</a>
	<ul class="blockList">
	<li class="blockList">
	<h4>cookieMaxAgeSeconds</h4>
	<pre>public abstract int cookieMaxAgeSeconds</pre>
	<div class="block">Max age in seconds for the remember me cookie.
	Defaults to one day.</div>
	<dl>
	<dt><span class="returnLabel">Returns:</span></dt>
	<dd>Max age in seconds</dd>
	<dt><span class="seeLabel">See Also:</span></dt>
	<dd><a href="../../../../../../javax/servlet/http/Cookie.html#setMaxAge-int-"><code>Cookie.setMaxAge(int)</code></a></dd>
	</dl>
	<dl>
	<dt>Default:</dt>
	<dd>86400</dd>
	</dl>
	</li>
	</ul>
	</li>
	</ul>
	<ul class="blockList">
	<li class="blockList"><a name="cookieMaxAgeSecondsExpression--">
	<!-- -->
	</a>
	<ul class="blockList">
	<li class="blockList">
	<h4>cookieMaxAgeSecondsExpression</h4>
	<pre>public abstract java.lang.String cookieMaxAgeSecondsExpression</pre>
	<div class="block">EL expression variant of <code>cookieMaxAgeSeconds()</code>.
	The expression needs to evaluate to an integer outcome. All named CDI beans are available to the expression
	as well as default classes as specified by EL 3.0 for the <code>ELProcessor</code>
	and the implicit objects "self" which refers to the interceptor target and
	"httpMessageContext" which refers to the current <a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/HttpMessageContext.html" title="interface in javax.security.enterprise.authentication.mechanism.http"><code>HttpMessageContext</code></a>.
	If both this attribute and <code>cookieMaxAgeSeconds()</code> are specified, this
	attribute takes precedence.</div>
	<dl>
	<dt><span class="returnLabel">Returns:</span></dt>
	<dd>an expression evaluating to an integer designating the max age in seconds for the remember me cookie.</dd>
	</dl>
	<dl>
	<dt>Default:</dt>
	<dd>""</dd>
	</dl>
	</li>
	</ul>
	</li>
	</ul>
	<ul class="blockList">
	<li class="blockList"><a name="cookieSecureOnly--">
	<!-- -->
	</a>
	<ul class="blockList">
	<li class="blockList">
	<h4>cookieSecureOnly</h4>
	<pre>public abstract boolean cookieSecureOnly</pre>
	<div class="block">Flag to indicate that the remember me cookie should only be
	sent using a secure protocol (e.g. HTTPS or SSL).</div>
	<dl>
	<dt><span class="returnLabel">Returns:</span></dt>
	<dd>true if the cookie should be sent using a secure protocol only
	false for any protocol.</dd>
	<dt><span class="seeLabel">See Also:</span></dt>
	<dd><a href="../../../../../../javax/servlet/http/Cookie.html#setSecure-boolean-"><code>Cookie.setSecure(boolean)</code></a></dd>
	</dl>
	<dl>
	<dt>Default:</dt>
	<dd>true</dd>
	</dl>
	</li>
	</ul>
	</li>
	</ul>
	<ul class="blockList">
	<li class="blockList"><a name="cookieSecureOnlyExpression--">
	<!-- -->
	</a>
	<ul class="blockList">
	<li class="blockList">
	<h4>cookieSecureOnlyExpression</h4>
	<pre>public abstract java.lang.String cookieSecureOnlyExpression</pre>
	<div class="block">EL expression variant of <code>cookieSecureOnly()</code>.
	The expression needs to evaluate to a boolean outcome. All named CDI beans are available to the expression
	as well as default classes as specified by EL 3.0 for the <code>ELProcessor</code>
	and the implicit objects "self" which refers to the interceptor target and
	"httpMessageContext" which refers to the current <a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/HttpMessageContext.html" title="interface in javax.security.enterprise.authentication.mechanism.http"><code>HttpMessageContext</code></a>.
	If both this attribute and <code>cookieSecureOnly()</code> are specified, this
	attribute takes precedence.</div>
	<dl>
	<dt><span class="returnLabel">Returns:</span></dt>
	<dd>an expression evaluating to an integer designating the max age in seconds for the remember me cookie.</dd>
	</dl>
	<dl>
	<dt>Default:</dt>
	<dd>""</dd>
	</dl>
	</li>
	</ul>
	</li>
	</ul>
	<ul class="blockList">
	<li class="blockList"><a name="cookieHttpOnly--">
	<!-- -->
	</a>
	<ul class="blockList">
	<li class="blockList">
	<h4>cookieHttpOnly</h4>
	<pre>public abstract boolean cookieHttpOnly</pre>
	<div class="block">Flag to indicate that the remember me cookie should not be exposed to
	client-side scripting code, and should only be sent with HTTP requests.</div>
	<dl>
	<dt><span class="returnLabel">Returns:</span></dt>
	<dd>true if the cookie should be sent only with HTTP requests
	(and not be made available to client-side scripting code), false otherwise.</dd>
	<dt><span class="seeLabel">See Also:</span></dt>
	<dd><a href="../../../../../../javax/servlet/http/Cookie.html#setHttpOnly-boolean-"><code>Cookie.setHttpOnly(boolean)</code></a></dd>
	</dl>
	<dl>
	<dt>Default:</dt>
	<dd>true</dd>
	</dl>
	</li>
	</ul>
	</li>
	</ul>
	<ul class="blockList">
	<li class="blockList"><a name="cookieHttpOnlyExpression--">
	<!-- -->
	</a>
	<ul class="blockList">
	<li class="blockList">
	<h4>cookieHttpOnlyExpression</h4>
	<pre>public abstract java.lang.String cookieHttpOnlyExpression</pre>
	<div class="block">EL expression variant of <code>cookieHttpOnly()</code>.
	The expression needs to evaluate to a boolean outcome. All named CDI beans are available to the expression
	as well as default classes as specified by EL 3.0 for the <code>ELProcessor</code>
	and the implicit objects "self" which refers to the interceptor target and
	"httpMessageContext" which refers to the current <a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/HttpMessageContext.html" title="interface in javax.security.enterprise.authentication.mechanism.http"><code>HttpMessageContext</code></a>.
	If both this attribute and <code>cookieHttpOnly()</code> are specified, this
	attribute takes precedence.</div>
	<dl>
	<dt><span class="returnLabel">Returns:</span></dt>
	<dd>an expression evaluating to true if the cookie should be sent only with HTTP requests , false otherwise.</dd>
	</dl>
	<dl>
	<dt>Default:</dt>
	<dd>""</dd>
	</dl>
	</li>
	</ul>
	</li>
	</ul>
	<ul class="blockList">
	<li class="blockList"><a name="cookieName--">
	<!-- -->
	</a>
	<ul class="blockList">
	<li class="blockList">
	<h4>cookieName</h4>
	<pre>public abstract java.lang.String cookieName</pre>
	<div class="block">Name of the remember me cookie.</div>
	<dl>
	<dt><span class="returnLabel">Returns:</span></dt>
	<dd>The name of the cookie</dd>
	<dt><span class="seeLabel">See Also:</span></dt>
	<dd><a href="../../../../../../javax/servlet/http/Cookie.html#getName--"><code>Cookie.getName()</code></a></dd>
	</dl>
	<dl>
	<dt>Default:</dt>
	<dd>"JREMEMBERMEID"</dd>
	</dl>
	</li>
	</ul>
	</li>
	</ul>
	<ul class="blockList">
	<li class="blockList"><a name="isRememberMe--">
	<!-- -->
	</a>
	<ul class="blockList">
	<li class="blockList">
	<h4>isRememberMe</h4>
	<pre>public abstract boolean isRememberMe</pre>
	<div class="block">Flag to determine if remember me should be used.</div>
	<dl>
	<dt><span class="returnLabel">Returns:</span></dt>
	<dd>Flag to determine if remember me should be used</dd>
	</dl>
	<dl>
	<dt>Default:</dt>
	<dd>true</dd>
	</dl>
	</li>
	</ul>
	</li>
	</ul>
	<ul class="blockList">
	<li class="blockList"><a name="isRememberMeExpression--">
	<!-- -->
	</a>
	<ul class="blockListLast">
	<li class="blockList">
	<h4>isRememberMeExpression</h4>
	<pre>public abstract java.lang.String isRememberMeExpression</pre>
	<div class="block">EL expression to determine if remember me should be used. This is evaluated
	for every request requiring authentication. The expression needs to evaluate
	to a boolean outcome. All named CDI beans are available to the expression
	as well as default classes as specified by EL 3.0 for the <code>ELProcessor</code>
	and the implicit objects "self" which refers to the interceptor target and
	"httpMessageContext" which refers to the current <a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/HttpMessageContext.html" title="interface in javax.security.enterprise.authentication.mechanism.http"><code>HttpMessageContext</code></a>.</div>
	<dl>
	<dt><span class="returnLabel">Returns:</span></dt>
	<dd>EL expression to determine if remember me should be used</dd>
	</dl>
	<dl>
	<dt>Default:</dt>
	<dd>""</dd>
	</dl>
	</li>
	</ul>
	</li>
	</ul>
	</li>
	</ul>
	</div>
	</div>
	<!-- ========= END OF CLASS DATA ========= -->
	<!-- ======= START OF BOTTOM NAVBAR ====== -->
	<div class="bottomNav"><a name="navbar.bottom">
	<!-- -->
	</a>
	<div class="skipNav"><a href="#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
	<a name="navbar.bottom.firstrow">
	<!-- -->
	</a>
	<ul class="navList" title="Navigation">
	<li><a href="../../../../../../overview-summary.html">Overview</a></li>
	<li><a href="package-summary.html">Package</a></li>
	<li class="navBarCell1Rev">Class</li>
	<li><a href="package-tree.html">Tree</a></li>
	<li><a href="../../../../../../deprecated-list.html">Deprecated</a></li>
	<li><a href="../../../../../../index-all.html">Index</a></li>
	<li><a href="../../../../../../help-doc.html">Help</a></li>
	</ul>
	</div>
	<div class="subNav">
	<ul class="navList">
	<li><a href="../../../../../../javax/security/enterprise/authentication/mechanism/http/LoginToContinue.html" title="annotation in javax.security.enterprise.authentication.mechanism.http"><span class="typeNameLink">Prev Class</span></a></li>
	<li>Next Class</li>
	</ul>
	<ul class="navList">
	<li><a href="../../../../../../index.html?javax/security/enterprise/authentication/mechanism/http/RememberMe.html" target="_top">Frames</a></li>
	<li><a href="RememberMe.html" target="_top">No Frames</a></li>
	</ul>
	<ul class="navList" id="allclasses_navbar_bottom">
	<li><a href="../../../../../../allclasses-noframe.html">All Classes</a></li>
	</ul>
	<div>
	<script type="text/javascript"><!--
	allClassesLink = document.getElementById("allclasses_navbar_bottom");
	if(window==top) {
	allClassesLink.style.display = "block";
	}
	else {
	allClassesLink.style.display = "none";
	}
	//-->
	</script>
	</div>
	<div>
	<ul class="subNavList">
	<li>Summary: </li>
	<li>Field \| </li>
	<li>Required \| </li>
	<li><a href="#annotation.type.optional.element.summary">Optional</a></li>
	</ul>
	<ul class="subNavList">
	<li>Detail: </li>
	<li>Field \| </li>
	<li><a href="#annotation.type.element.detail">Element</a></li>
	</ul>
	</div>
	<a name="skip.navbar.bottom">
	<!-- -->
	</a></div>
	<!-- ======== END OF BOTTOM NAVBAR ======= -->
	</body>
	</html>