我想在Spring Security中使用“记住我”功能,以使用户能够保持登录状态。在我的应用程序中,我提供了一个复选框供用户选择“记住我”,如果用户选中了它,则在成功登录后,spring应用程序会将“记住我” cookie发送到浏览器。 我有三个字段:用户名,密码和代码。我想保留这些字段以登录。
这是secuirty.xml中的配置:
<security:http auto-config="true" use-expressions="true">
.....
.....
<security:remember-me remember-me-cookie="rvm-track-rm" remember-me-
parameter="remember-me" token-repository-ref="tokenRepository" token-
validity-seconds="864000" key="rvm-track-web-html" user-service-
ref="userDetailsServiceImpl"/>
.....
.....
<bean id="tokenRepository" class="org.springframework.security.web.
authentication.rememberme.InMemoryTokenRepositoryImpl"/>
<bean id="requestContextFilter" class="org.springframework.web.
filter.RequestContextFilter"/>
<bean id="shaPasswordEncoder" class="org.springframework.security.
authentication.encoding.ShaPasswordEncoder"
<constructor-arg value="512" />
</bean>
<bean id="authenticationSuccessHandler"
class="com.revomon.tracking.web.html.SuccessfulAuthenticationHandler"/>
<security:authentication-manager>
<security:authentication-provider user-service-ref="userDetailsServiceImpl"/>
</security:authentication-manager>
这是“ UserDetailsServiceImpl”类:
@Override
@Transactional(readOnly = true)
public UserDetails loadUserByUsername(final String userName) throws UsernameNotFoundException {
logger.debug("Authenticate username {}", userName);
ServletRequestAttributes attr = (ServletRequestAttributes) RequestContextHolder.currentRequestAttributes();
String customerCode = (String) attr.getRequest().getParameter("customer_code");
TrackAdminUser user = userDao.findByUsernameAndCustomerCode(userName, customerCode);
return new WebUser(user);
}
我的问题是仅保留“用户名”和“密码”字段并发送给“记住我”。请保留代码字段还缺少什么?
答案 0 :(得分:0)
您需要发送http参数,该参数的名称与您的配置相符-在登录表单中记住“ me-parameter =“ remember-me”,在您的情况下为“ remember-me”。您可以在登录表单中添加下一个代码:
<div class="checkbox">
<label><input class="checkbox" type="checkbox" name="remember-me">Remember me</label>
</div>