Spring Security Remember Me
Remember me is a feature that allows a user to access into application without re-login. User’s login session terminates after closing the browser and if user again access the application by opening browser, it prompts for login.
But we can avoid this re-login by using remember me feature. It stores user’s identity into the Cookie or database and use to identity the user.
We are implementing this into the following example. Lets see an example.
Create a Maven Project
First create a maven project and provide the project details.
Initially, project looks like this:
Spring Security Configuration
Configure the project to implement spring security. It requires following four Java files. First create a package com.tutoraspire and put all the files into this.
// AppConfig.java
// MvcWebApplicationInitializer.java
// SecurityWebApplicationInitializer.java
// WebSecurityConfig.java
In this class, we are creating user and authenticating as well. The rememberMe() method inside the configure() method is responsible to remember and store user identity.
Controller
Create a controller HomeController inside the com.tutoraspire.controller package. See the controller code.
// HomeController.java
View
Create view (JSP pages) to produce output to the browser.
// index.jsp
// admin.jsp
// login.jsp
This is our custom login page in which we added remember me check box. See the code.
Project Dependencies
Following is our pom.xml file that contains all required dependencies.
// pom.xml
Project Structure
After adding all the files the project structure looks like this:
Run Server
Output:
Click on Admin login link and login.
See, we have clicked on remember me check box.
Copy the URL: http://localhost:8080/springrememberme/admin and close the browser completely. After a second open browser and paste the copied URL.
See, it does not ask for login and land us on the same page. Because we did check remember me button during login.