Remember Me cookie

The cookie contains three part:

username: to identify logged-in 

expirationTime: to expire the cookie; default 2 week

password and pridefined : encode by md5 hash.

Notice when use standard Remember Me solution: 

1) cookie depend on user and password so we change user or password then cookie is invalid

2)  potentially vulnerable if the remember me cookie is captured.

Use: 

Type 1:  standard Remember Me solution

 


 

Type 2: Using PersistentTokenBasedRememberMeServices via an implementation JdbcTokenRepositoryImpl store the persisted login information in a database

 


 

 


Peter April 12, 2021

0 comments :

Post a Comment

Cancel Reply

About Me

My photo
Tân An, Long An, Vietnam
Hello everyone, I love programming, I love making friends with people all over the world.

Contact

Popular Posts

  • Design Pattern createnal factory
    The one of Design Pattern Series, this is factory design for createnal pattern. Please read in the linked document.   Link document:  https:...
  • Es 6 some features
    youtube tutorial: https://www.youtube.com/watch?v=IEf1KAcK6A8 1 let and scope, 2 const, 3 array function 4 default value 5 Object iteral ext...
  • Java Copy
     1 Copy Object in java Use = for immutable class ex: Integer , String or Wrapper classes Object   Use Contructor has paramater copy, ObjectA...
  • JPA find and getReference
    JPA find() & getReference() in javax.persistence.EntityManager * find (): always call select from DB   Use for select one entity from DB...
  • Tìm hiểu về các phép so sánh trong java
    Preface Trong java có 3 kiểu so sánh đặc trưng như sau: + Sử dụng toán tử == : return Boolean Primitive thì so sánh giá trị thực, Reference ...
  • Spring hibernate Lifecycle
    Persistence Context has two implemnet is JPA EntityManage and Hiberbate Session Example use Session of hiberate  has exist github you can vi...
  • Check Status object
     1 check Null and Undefined And primative datatype if(object){ // object is not null, undefined, 0, '', false.  but it can empty({})...
  • Hibernate Notice
      1)  CRUD có thể sử dung find Compositekey hoặc findBy compositeket + column in composite   2) CRUD findBy column And column  3 Not LazyLoa...
  • CLEAN CODE
    This post use language vietnames is, the future is will introduce english version. The clean code for java also application for the others. ...
  • DateFormat String format
    Parse LocalDateTime to String to pattern  year :                      yyyy || 2021 month of year:       M / MMM / MMMM || 06 / Jun / June da...

statistics