记住我是登录常用功能 即登录一次过一段时间免登录
SpringSecurityConfig
dataSource,jdbcTokenRepository,configure后三行为记住我配置 同时提供了一个persistent_logins表作为记住我功能的记录(会自动生成)
@EnableWebSecurity
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
DataSource dataSource;
/**
* 记住我功能
*
* @return
*/
@Bean
public JdbcTokenRepositoryImpl jdbcTokenRepository() {
JdbcTokenRepositoryImpl jdbcTokenRepository = new JdbcTokenRepositoryImpl();
jdbcTokenRepository.setDataSource(dataSource);
return jdbcTokenRepository;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
// 验证码过滤器
http.addFilterBefore(imageCodeValidateFilter, UsernamePasswordAuthenticationFilter.class)
// 跳转前台的地址
.formLogin().loginPage("/loginPage")
// 登录调用的接口地址
.loginProcessingUrl("/login").successHandler(customAuthenticationSuccessHandler)
// 无权限允许访问
.and().authorizeRequests()
.antMatchers("/login", "/loginPage", "/code/image", "/logout/expirePage", "/logout/page",
"/oauth/logoutSession", "/oauth/customLogout")
.permitAll().anyRequest().authenticated()
// 记住功能配置
.and().rememberMe()
.tokenRepository(jdbcTokenRepository()) // 保存登录信息
.tokenValiditySeconds(60 * 30 * 30); // 记住我有效时长
}
} ![SpringSecurity的简单认识核心组件:[图]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)