spring security remember-me
2016-08-29 12:12
447 查看
1.controller
package net.yym.web.controller.home;
import com.google.common.base.Optional;
import net.yym.core.entity.Doctor;
import net.yym.web.controller.BaseController;
import net.yym.web.security.LoginUserInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import javax.servlet.http.HttpServletRequest;
/**
* 登陆跳转控制器
*
* @author yym
*/
@Controller
public class HomeController extends BaseController {
private static Logger logger = LoggerFactory.getLogger(HomeController.class);
@Autowired
private LoginUserInfo loginUserInfo;
@RequestMapping("/")
public String index() {
return "redirect:home";
}
@RequestMapping("/login")
public String login(@RequestParam(required = false)String error,HttpServletRequest request) {
if (error != null){
request.setAttribute("error","用户名或密码错误");
}
return "home/login";
}
@RequestMapping("/home")
public String home(HttpServletRequest request) {
Optional<Doctor> optional = loginUserInfo.getDoctor();
if (optional.isPresent()){
request.getSession().setAttribute("doctorName", optional.get().getName());
}
return "redirect:patient/list";
}
}2.spring-security.xml
<?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.1.xsd" default-lazy-init="true"> <!-- http安全配置 --> <!-- 设置禁止spring-security拦截的路径 --> <http pattern="/login*" security="none"/> <http pattern="/" security="none"/> <http pattern="/WEB-INF/views/home/*.jsp" security="none"/> <http pattern="/WEB-INF/views/shared/*.jsp" security="none"/> <http auto-config="true" use-expressions="true"> <form-login login-page="/login" default-target-url="/home" always-use-default-target="true" login-processing-url="/j_spring_security_check" authentication-failure-url="/login?error=true"/> <csrf disabled="true"/> <logout logout-success-url="/login" logout-url="/logout"/> <remember-me key="chd" services-ref="rememberMeServices"/> <intercept-url pattern="/**" access="hasAnyRole('ROLE_USER')"/> </http> <!-- 认证配置, 使用userDetailsService提供的用户信息 --> <authentication-manager alias="authenticationManager" erase-credentials="false"> <authentication-provider ref="authenticationProvider"/> </authentication-manager> <beans:bean id="authenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider"> <beans:property name="userDetailsService" ref="memberDetailService"/> <beans:property name="hideUserNotFoundExceptions" value="false"/> <beans:property name="passwordEncoder" ref="passwordEncoder"/> </beans:bean> <!-- 实现 remember-me 功能 --> <beans:bean id="rememberMeServices" class="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices"> <beans:constructor-arg value="chd" index="0"/> <beans:constructor-arg ref="memberDetailService" index="1"/> </beans:bean> <!-- 项目实现的用户查询服务 --> <beans:bean id="memberDetailService" class="net.yixinjia.web.security.AuthenticationService"/> <!-- 用户的密码加密或解密 --> <beans:bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.Md5PasswordEncoder"/> </beans:beans>
3.login.jsp
<form id="login_form" action="j_spring_security_check" method="post">
<div class="form-group m-bottom-md">
<input type="text" class="form-control" name="username" placeholder="请输入用户名">
</div>
<div class="form-group">
<input type="password" class="form-control" name="password" placeholder="请输入密码">
</div>
<div class="form-group">
<div class="custom-checkbox">
<input type="checkbox" id="remember_me" name="remember-me">
<label for="remember_me"></label>
</div>
记住密码
</div>
<div style="color: red">
<c:if test="${not empty error}">
用户名或密码错误
</c:if>
</div>
<div class="m-top-md p-top-sm">
<a href="javascript:document:login_form.submit();" class="btn btn-success block">登录</a>
</div>
</form>
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- (九)、SpringBoot + Security RememberMe(记住我)功能
- Spring Security Remember Me Example
- Spring-security自定义配置器
- springboot + security 自定义登陆校验Filter
- cxf + spring 的WS-Security示例(二)
- 9. Spring Security Filter
- 学习spring 3.0 security和MVC REST遇到的几个问题
- Using JWT with Spring Security OAuth
- spring-security-samples-tutorial-2.0.x.war 学习一
- Spring Boot Security 整合
- spring-security 3.0.X, 让ajax login和普通login共存
- spring security logout
- SPRING IN ACTION 第4版笔记-第九章Securing web applications-001-SpringSecurity简介(DelegatingFilterProxy、AbstractSecurityWebApplicationInitializer、WebSecurityConfigurerAdapter、@EnableWebSecurity、@EnableWebMvcS)
- springboot+security restful权限控制官方推荐(五)
- Spring-Security笔记2 自定义登录界面
- Spring-Security笔记4 用户和权限
- Spring Security#Expression-Based Access Control
- junit+springMVC单元测试异常:org.apache.shiro.UnavailableSecurityManagerException
- Spring boot Spring security,Thymeleaf使用自己的用户类登陆
- Spring Security Advanced Usage Sample