Remember Me cookie

The cookie contains three part:

username: to identify logged-in 

expirationTime: to expire the cookie; default 2 week

password and pridefined : encode by md5 hash.

Notice when use standard Remember Me solution: 

1) cookie depend on user and password so we change user or password then cookie is invalid

2)  potentially vulnerable if the remember me cookie is captured.

Use: 

Type 1:  standard Remember Me solution

 


 

Type 2: Using PersistentTokenBasedRememberMeServices via an implementation JdbcTokenRepositoryImpl store the persisted login information in a database

 


 

 


Peter April 12, 2021

0 comments :

Post a Comment

Cancel Reply

About Me

My photo
Tân An, Long An, Vietnam
Hello everyone, I love programming, I love making friends with people all over the world.

Contact

Popular Posts

  • Tìm hiểu về các phép so sánh trong java
    Preface Trong java có 3 kiểu so sánh đặc trưng như sau: + Sử dụng toán tử == : return Boolean Primitive thì so sánh giá trị thực, Reference ...
  • Java Copy
     1 Copy Object in java Use = for immutable class ex: Integer , String or Wrapper classes Object   Use Contructor has paramater copy, ObjectA...
  • Remember Me cookie
    The cookie contains three part: username: to identify logged-in  expirationTime: to expire the cookie; default 2 week password and pridefine...
  • Oauth 2.0
    Preface Khái niệm   Oauth và ApIs Scope and consent (phạm vi và sự đồng ý) Oauth Actor Oauth Tokens   Front Back Channel Giả Xác thực Với Oa...
  • Spring Security Notice
     1) The order of the antMatchers() Note that the order of the antMatchers()  elements is significant – the more specific rules need to come ...
  • Collection Java
    Knowledge of collection in java Interface Iterator interface Collection interface List Interface    Queue Interface    Deque Interface    Se...
  • Spring hibernate Lifecycle
    Persistence Context has two implemnet is JPA EntityManage and Hiberbate Session Example use Session of hiberate  has exist github you can vi...
  • Compare List Java
    For immutableuse equallist we simple use list.equal list it return true if content same. (compare index)  //case true  List<Integer> l...
  • Hibernate Notice
      1)  CRUD có thể sử dung find Compositekey hoặc findBy compositeket + column in composite   2) CRUD findBy column And column  3 Not LazyLoa...
  • Check Status object
     1 check Null and Undefined And primative datatype if(object){ // object is not null, undefined, 0, '', false.  but it can empty({})...

statistics