Spring Security PersistentTokenBasedRememberMeServices onLoginSuccess is protected

Summary

See https://github.com/spring-projects/spring-security/blob/master/web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java#L158

This method is marked as protected which I use successfully in "TokenBasedRememberMeServices"

See https://github.com/spring-projects/spring-security/blob/master/web/src/main/java/org/springframework/security/web/authentication/rememberme/TokenBasedRememberMeServices.java#L167

I think it should match and become public. I had to extend the class to make it public myself.

Actual Behavior

Method is protected.

Expected Behavior

Method should possibly become public.

Version

Spring Boot 1.5.2

Sample

N/A

Comment From: eleftherias

The onLoginSuccess method is intentionally marked as protected. You likely can use the loginSuccess method instead, which in turn calls onLoginSuccess. From the onLoginSuccess Javadoc:

Called from loginSuccess when a remember-me login has been requested. Typically implemented by subclasses to set a remember-me cookie and potentially store a record of it if the implementation requires this.