spring security remember-me

来源：互联网发布：腾讯unity3d招聘编辑：程序博客网时间：2024/06/05 21:18

1.controller

package net.yym.web.controller.home;import com.google.common.base.Optional;import net.yym.core.entity.Doctor;import net.yym.web.controller.BaseController;import net.yym.web.security.LoginUserInfo;import org.slf4j.Logger;import org.slf4j.LoggerFactory;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.stereotype.Controller;import org.springframework.web.bind.annotation.RequestMapping;import org.springframework.web.bind.annotation.RequestParam;import javax.servlet.http.HttpServletRequest;/** * 登陆跳转控制器 * * @author yym */@Controllerpublic class HomeController extends BaseController {    private static Logger logger = LoggerFactory.getLogger(HomeController.class);    @Autowired    private LoginUserInfo loginUserInfo;    @RequestMapping("/")    public String index() {        return "redirect:home";    }    @RequestMapping("/login")    public String login(@RequestParam(required = false)String error,HttpServletRequest request) {        if (error != null){            request.setAttribute("error","用户名或密码错误");        }        return "home/login";    }    @RequestMapping("/home")    public String home(HttpServletRequest request) {        Optional<Doctor> optional = loginUserInfo.getDoctor();        if (optional.isPresent()){            request.getSession().setAttribute("doctorName", optional.get().getName());        }        return "redirect:patient/list";    }}

2.spring-security.xml

<?xml version="1.0" encoding="UTF-8"?><beans:beans xmlns="http://www.springframework.org/schema/security"             xmlns:beans="http://www.springframework.org/schema/beans"             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"             xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd             http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.1.xsd"             default-lazy-init="true">    <!-- http安全配置 -->    <!-- 设置禁止spring-security拦截的路径 -->    <http pattern="/login*" security="none"/>    <http pattern="/" security="none"/>    <http pattern="/WEB-INF/views/home/*.jsp" security="none"/>    <http pattern="/WEB-INF/views/shared/*.jsp" security="none"/>    <http auto-config="true" use-expressions="true">        <form-login login-page="/login"                    default-target-url="/home"                    always-use-default-target="true"                    login-processing-url="/j_spring_security_check"                    authentication-failure-url="/login?error=true"/>        <csrf disabled="true"/>        <logout logout-success-url="/login" logout-url="/logout"/>        <remember-me key="chd" services-ref="rememberMeServices"/>        <intercept-url pattern="/**" access="hasAnyRole('ROLE_USER')"/>    </http>    <!-- 认证配置, 使用userDetailsService提供的用户信息 -->    <authentication-manager alias="authenticationManager" erase-credentials="false">        <authentication-provider ref="authenticationProvider"/>    </authentication-manager>    <beans:bean id="authenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">        <beans:property name="userDetailsService" ref="memberDetailService"/>        <beans:property name="hideUserNotFoundExceptions" value="false"/>        <beans:property name="passwordEncoder" ref="passwordEncoder"/>    </beans:bean>    <!-- 实现 remember-me 功能 -->    <beans:bean id="rememberMeServices" class="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices">        <beans:constructor-arg value="chd" index="0"/>        <beans:constructor-arg ref="memberDetailService" index="1"/>    </beans:bean>    <!-- 项目实现的用户查询服务 -->    <beans:bean id="memberDetailService" class="net.yixinjia.web.security.AuthenticationService"/>    <!-- 用户的密码加密或解密 -->    <beans:bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.Md5PasswordEncoder"/></beans:beans>

3.login.jsp

<form id="login_form" action="j_spring_security_check" method="post">    <div class="form-group m-bottom-md">        <input type="text" class="form-control" name="username" placeholder="请输入用户名">    </div>    <div class="form-group">        <input type="password" class="form-control" name="password" placeholder="请输入密码">    </div>    <div class="form-group">        <div class="custom-checkbox">            <input type="checkbox" id="remember_me" name="remember-me">            <label for="remember_me"></label>        </div>        记住密码    </div>    <div style="color: red">        <c:if test="${not empty error}">            用户名或密码错误        </c:if>    </div>    <div class="m-top-md p-top-sm">        <a href="javascript:document:login_form.submit();" class="btn btn-success block">登录</a>    </div></form>

0 0