That is remember me
Add a
Then add: remember-me field when sending the request
value can be, ture, 1, on
After we remember to log in, close the browser and open it again, visit the interface, and if you can access it, it means that you remember to log in successfully.
Because some interfaces can support rememberMe authentication, and some interfaces do not support it, use the method shown in the figure above to make a distinction.
//Prohibit url encoding
org.springframework.security.web.session.DisableEncodeUrlFilter@3730ab42,
// asynchronous manager
org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilte
r@537c8c7e,
//Read current user information
org.springframework.security.web.context.SecurityContextPersistenceFilter@3f93e4a8,
//Process the request header
org.springframework.security.web.header.HeaderWriterFilter@2e2f720,
//logout
org.springframework.security.web.authentication.logout.LogoutFilter@2264e43c,
// user authentication
org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@
3f1ddac2,
//Request cached
org.springframework.security.web.savedrequest.RequestCacheAwareFilter@5445f5ba,
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@67
110f71,
//remember login
org.springframework.security.web.authentication.rememberme.RememberMeAuthentication
Filter@455824ad,
//Anonymous access
org.springframework.security.web.authentication.AnonymousAuthenticationFilter@7308fff
f, org.springframework.security.web.session.SessionManagementFilter@7f572c37,
org.springframework.security.web.access.ExceptionTranslationFilter@1ffcf674, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@12010fd1
rememberMe also has a key attribute. When the key is set to a value, even if the server is restarted, there is no need to log in again.
After enabling rememberMe, the login is successful, and the server will respond with a rememberMe string:
YWRtaW46MTY4Nzc2ODQ5Nzk1NDpjZTM0YzQ2NWMzYzE4M2UwYjAwOTgxZmU1Zjg3Y2UxNg
Base64 decryption is complete
admin:1687768497954:ce34c465c3c183e0b00981fe5f87ce16
Divided into three parts: username: timestamp: encrypted string (string encrypted according to username + user password + timestamp + key)
Every subsequent request will automatically carry this cookie.