Where and how can I set what time the user will be authorized on the site? Now my application works in such a way that, if you log in, close the browser and log in again, the authorization subsides.

    1 answer 1

    Thanks to this article I figured out how to implement saving the session for the necessary time.

    First you need to create an additional table in the database to store information about the sessions.

    CREATE TABLE persistent_logins ( username VARCHAR(64) NOT NULL, series VARCHAR(64) NOT NULL, token VARCHAR(64) NOT NULL, last_used TIMESTAMP NOT NULL, PRIMARY KEY (series) );

    Next, in the Spring'a configuration, add the following:

     <remember-me remember-me-parameter="remember-me" remember-me-cookie="remember-me" token-validity-seconds="86400" data-source-ref="dataSource" />

    In JSP, a check box is added with a name attribute whose value is equal to what is specified in the remember-me-parameter :

     <input type="checkbox" id="rememberme" name="remember-me">

    After these manipulations at the end of authorization, a cookie should appear in the cookie with the name specified in the remember-me-cookie .

    • Although the link can find the answer to the question, it is better to point out the most important thing here, and give the link as a source. If the page to which the link leads will be changed, the response link may become invalid. - From the queue of checks - Harry
    • Well, now I will. - Bleser