1 散列加密方案
在spring security中加入自动登录功能:
@Autowired
private MyUserDetailsService userDetailsService;
protected void configure(HttpSecurity http){
http......
.formLogin()
.and()
.rememberMe()
.userDetailsService(userDetailsService);
}
使用这种方案的前提是已经实现了一个userDetailsService(前面章节有实现),重启服务后访问login页面会多出一个remember me的多选框,勾选后登录查看浏览器的cookie会多出一个:
name | value |
---|---|
remember-me | 123rjfsdfjoijiojwernjigfjwe |
这是spring security默认自动登录的cookie字段,源码如下;
public abstract class AbstractRememberMeServices implements RememberMeServices, InitializingBean, LogoutHandler {
public static final String SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY = "remember-me";
public static final String DEFAULT_PARAMETER = "remember-me";
// 默认过期时间是两个礼拜
public static final int TWO_WEEKS_S =