1. logout功能比较简单,只需要先在http标签中加上:
<custom-filter position="LOGOUT_FILTER" ref="logoutFilter" />
然后再将logoutFilter的bean配置在下面:
<!-- logout filter configuration Start -->
<beans:bean id="logoutFilter"
class="org.springframework.security.web.authentication.logout.LogoutFilter">
<beans:constructor-arg value="/login.jsp" />
<beans:constructor-arg>
<beans:list>
<beans:ref local="rememberMeServices" />
<beans:bean
class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler">
</beans:bean>
</beans:list>
</beans:constructor-arg>
<beans:property name="filterProcessesUrl" value="/j_spring_security_logout"></beans:property>
</beans:bean>
最后在页面上需要的地方加上超链接:
<a href="j_spring_security_logout">Logout</a>
这样就可以实现logout功能了
2. remember me功能,是要将用户输入的用户名密码在登录以后记住,保存在系统后台之中,而不是在登录页面的输入框中
具体配置如下:
首先,还是在<http> 标签中配置
<remember-me services-ref="rememberMeServices" />
然后配置rememberMeServices的bean
<!-- remember me Configuration start -->
<beans:bean id="rememberMeServices"
class="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices">
<beans:property name="userDetailsService" ref="myUserDetailService" />
<beans:property name="key" value="springsecurityCookies1" />
<beans:property name="alwaysRemember" value="false"></beans:property>
<beans:property name="tokenValiditySeconds" value="86400"></beans:property>
<beans:property name="parameter" value="_spring_security_remember_me"></beans:property>
</beans:bean>
<beans:bean id="rememberMeAuthenticationProvider"
class="org.springframework.security.authentication.RememberMeAuthenticationProvider">
<beans:property name="key" value="springsecurityCookies1" />
</beans:bean>