Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Spring Security, Spring MVC and Login Sessions

I have my Spring MVC & Spring Security up and running as suggested by Spring's own reference application "petclinic". Everything's fine except that the login does not persist a browser restart.

What has to be considered to make sure a logged in user does not need to relogin after browser restart?

like image 498
Ta Sas Avatar asked Sep 05 '10 17:09

Ta Sas


People also ask

Can we use Spring Security in Spring MVC?

To enable Spring Security integration with Spring MVC add the @EnableWebSecurity annotation to your configuration. Spring Security provides the configuration using Spring MVC's WebMvcConfigurer.


1 Answers

On a browser restart, user sessions aren't maintained. So, you login informations doesn't survive a browser restart because they are stored in session.

To set up a login that survives browser restarts, you need to implement a cookie based authentication, also known as "Remember me" in Spring security.

To set up "Remember me" using Spring security, I suggest you the following article. You can also check out Spring documentation on the subject.

like image 110
Vivien Barousse Avatar answered Nov 15 '22 14:11

Vivien Barousse