rememberMeCookie = org.apache.shiro.web.servlet.SimpleCookie
rememberMeCookie.name = remember
rememberMeCookie.maxAge = 604800
rememberMeCookie.httpOnly = true
rememberMeManager = org.apache.shiro.web.mgt.CookieRememberMeManager
rememberMeManager.cookie = $rememberMeCookie
我把maxAge修改为1的时候没有任何区别。
nutzwk改过,前端加了rememberMe,传了个true进去,filter是这样的
public class AuthenticationFilter extends FormAuthenticationFilter implements ActionFilter {
private String captchaParam = "captcha";
public String getCaptchaParam() {
return captchaParam;
}
protected String getCaptcha(ServletRequest request) {
return WebUtils.getCleanParam(request, getCaptchaParam());
}
protected AuthenticationToken createToken(HttpServletRequest request) {
String username = getUsername(request);
String password = getPassword(request);
String captcha = getCaptcha(request);
boolean rememberMe = isRememberMe(request);
String host = getHost(request);
return new CaptchaToken(username, password, rememberMe, host,captcha);
}
public View match(ActionContext actionContext) {
HttpServletRequest request = actionContext.getRequest();
AuthenticationToken authenticationToken = createToken(request);
request.setAttribute("loginToken", authenticationToken);
return null;
}
}
CaptchaToken 是这样的
public class CaptchaToken extends UsernamePasswordToken {
private static final long serialVersionUID = 4676958151524148623L;
private String captcha;
public String getCaptcha() {
return captcha;
}
public void setCaptcha(String captcha) {
this.captcha = captcha;
}
public CaptchaToken(String username, String password, boolean rememberMe, String host, String captcha) {
super(username, password, rememberMe, host);
this.captcha = captcha;
}
}
配置文件是这样的
rememberMeCookie = org.apache.shiro.web.servlet.SimpleCookie
rememberMeCookie.name = remember
rememberMeCookie.maxAge = 604800
rememberMeCookie.httpOnly = true
rememberMeManager = org.apache.shiro.web.mgt.CookieRememberMeManager
rememberMeManager.cookie = $rememberMeCookie
sha256Matcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
sha256Matcher.storedCredentialsHexEncoded = false
sha256Matcher.hashIterations = 1024
sha256Matcher.hashSalted = true
shiroDbRealm = com.kanq.shiro.realm.NutzDaoRealm
shiroDbRealm.credentialsMatcher = $sha256Matcher
securityManager.realms = $shiroDbRealm
authcStrategy = com.kanq.shiro.pam.AnySuccessfulStrategy
securityManager.authenticator.authenticationStrategy = $authcStrategy
securityManager.cacheManager = $cacheManager
securityManager.rememberMeManager = $rememberMeManager
securityManager.rememberMeManager = $rememberMeManager 我把这一行去掉了 关闭浏览器 再次进入也不需要登陆就可以访问主页,那这个rememberMe到底有啥用呢 就像cookie中写入点东西?东西写入了没有用到啊,设置过期也没啥用把 我把过期时间改了1秒也没任何变化