我不知道为什么,也许我写错了代码。我的网站会在一段时间后退出。 我在
中写道application.properties
session.timeout.interval = 350000000 and
session.setMaxInactiveInterval = (60*60*24)
表格HTML我写的
<form th:action="@{/login}" method="post"
authentication-success-handler-ref="authenticationSuccessHandler">
我在Spring Security中的代码:
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
@Autowired
private UserRepository userRepository;
@Autowired
private DataSource dataSource;
@Override
protected void configure(final HttpSecurity httpSecurity) throws Exception {
httpSecurity
.authorizeRequests()
.antMatchers(HttpMethod.GET, "/registration")
.permitAll()
.antMatchers(HttpMethod.POST, "/registration")
.permitAll()
.antMatchers("/css/**", "/js/**", "/img/**")
.permitAll()
.antMatchers("/cars/**")
.permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.defaultSuccessUrl("/")
.passwordParameter("password")
.permitAll()
.and().logout().logoutSuccessUrl("/")
.and()
.httpBasic()
.and()
.csrf().disable();
httpSecurity.rememberMe().rememberMeParameter("remember-me")
.rememberMeCookieName("my-remember-me")
.tokenRepository(persistentTokenRepository()).tokenValiditySeconds(86400000);
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
}
@Bean
public PasswordEncoder passwordEncoder() {
return new MyPasswordEncoder();
}
@Bean
public PersistentTokenRepository persistentTokenRepository() {
JdbcTokenRepositoryImpl tokenRepository = new JdbcTokenRepositoryImpl();
tokenRepository.setDataSource(dataSource);
return tokenRepository;
}
我尝试使用httpSecurity.addFilterBefore(authenticationFilter(),UsernamePasswordAuthenticationFilter.class),但我再次看到注销