在shiro.xml配置文件中,添加如下代码
<!--添加记住我功能--> <!-- rememberMeCookie asplover begin--> <!-- 声明cookie对象--> <bean id="rememberMeCookie" class="org.apache.shiro.web.servlet.SimpleCookie"> <constructor-arg value="rememberMe"/> <property name="httpOnly" value="true"/> <property name="maxAge" value="2592000"/> <!-- 30天 --> <!-- <property name="domain" value="sqfcw.net"/>--> </bean> <!-- rememberMe管理器 --> <bean id="rememberMeManager" class="org.apache.shiro.web.mgt.CookieRememberMeManager"> <property name="cookie" ref="rememberMeCookie"/> </bean> <!-- rememberMeCookie asplover end-->
写入cookie
@RequestMapping(value = "/login") public String Login(String username, String password, HttpSession session, HttpServletRequest request, HttpServletResponse response, Model model){ if(username==null){ model.addAttribute("message", "账号不为空"); return "login"; } //主体,当前状态为没有认证的状态“未认证” Subject subject = SecurityUtils.getSubject(); // 登录后存放进shiro token UsernamePasswordToken token=new UsernamePasswordToken(username,password); //测试添加记住我 token.setRememberMe(true); User user; //类级变量,check()方法会用 //登录方法(认证是否通过) //使用subject调用securityManager,安全管理器调用Realm try { //利用异常操作 //需要开始调用到Realm中 System.out.println("========================================"); System.out.println("1、进入认证方法"); subject.login(token); user = (User)subject.getPrincipal(); session.setAttribute("user",subject); model.addAttribute("message", "messagee值为登录完成"); //cookie的学习开始---------- begin SimpleCookie simpleCookie = new SimpleCookie(); simpleCookie.setName("lang"); simpleCookie.setValue("lang of value"); simpleCookie.setName("userAccount"); simpleCookie.setValue(user.getAccount()); Cookie cookie = simpleCookie; //"lang",lang cookie.setComment("lang type"); cookie.setMaxAge(360*24*60*60);//最大时间 cookie.saveTo(request,response); System.out.println("登录完成"); } catch (UnknownAccountException e) { model.addAttribute("message", "账号密码不正确"); return "index"; } return "test"; }
读取cookie
@RequestMapping("/check")
public String check(HttpSession session,HttpServletRequest request){
//判断session
Subject subject=(Subject)session.getAttribute("user");
//取得cookie
// Cookie[] cookies = request.getCookies();
javax.servlet.http.Cookie[] cookies = request.getCookies();
System.out.println("cookies取得值"+cookies);
System.out.println("cookies取得值"+cookies[0].getValue());
for ( javax.servlet.http.Cookie cookie:cookies ) {
System.out.println("从浏览器获取"+cookie.getName()+"的值:"+cookie.getValue());
}
}