Spring Security Remember Me
Question
I'm developing a Spring MVC web app and have configured the Spring Security to intercept all URLs and authenticate them. If the user ticks the " remember me ", to automatically log in the user without redirecting to the login page.
Say, my login URL is
example.com/signin
and homepage is
example.com/home
When a user enters any URL to a valid web page (eg example.com/home) which needs authentication, if the remember me is enabled , he is directed to that specific web page without authenticating again.
But when a user enters example.com/signin, it just displays login form even if he is already authenticated and remembered.
How can I redirect him to the homepage(example.com/home) if he is an authenticated and remmeber-me enabled user without displaying the login page?
2 answers
solution1
1 ACCPTED 2015-03-09 13:31:47
These links might help you to implement the remember me using spring security.
http://docs.spring.io/spring-security/site/docs/3.0.x/reference/remember-me.html http://www.mkyong.com/spring-security/spring-security-remember-me-example/
solution2
0 2015-03-10 06:11:49
I added a redirect to the controller. Please let me know if this is the correct way.
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
//if the user is already authenticated redirect him to the dashboard
if(!(auth instanceof AnonymousAuthenticationToken)){
return "redirect:dashboard";
}
return "signin";
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.