Springs Simple <remember-me/> not working :-(

I am trying to make use of Spring Security's <remember-me/> authentification. The line in my security context looks like this:

 <security:remember-me key="89dqj219dn910lsAc12" user-service-ref="jpaUserDetailsService"/>

Although I use my own implementation of UserDetailsService (tested & working), I have also tried with the default one running into the same issue, which is this:

1. Logging in with "remember-me" checkbox checked, a cookie is generated as expected:

   Name: SPRING_SECURITY_REMEMBER_ME_COOKIE; Value: c2FzczoxMjg1NTIxOTI1NzY4OmIxODQ5YTE2ZDY1MDVmZDFhNWRlN2Y2NzFlMzc1MmI0; Host: localhost; Path: /webapp; Secure: No; Valid until: Sun, 26 Sep 2010 17:25:25 GMT)

2. The browser restarted

3. The cookie is still there

4. Trying to access any secured page ends in "Access denied" error:

   org.springframework.security.access.AccessDeniedException: Access is denied

   Authentication object as a String: org.springframework.security.authentication.RememberMeAuthenticationToken@ffcaab94: Principal: de.myapp.businessobjects.AppUser@35c12e: Username: username; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; PersonalInformation: 32768; ; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: null;开发者_JS百科 Not granted any authorities

I am confused an do not know what goes wrong or where to start debugging. Help, please?

It looks like user is successfully authenticated, but for some reason he has no authorities (i.e. roles). So, make sure that user details returned by your UserDetailsService returns proper authorities from UserDetails.getAuthorities().