java - How do I keep a user logged into my site for months? -


I am using OpenID How do I create it so that the user logs in for a long time after closing the browser window Are you doing

How can I store a user's user object?

Actually, I think I really can not understand how the sessions work in Java.

So do you really like the "Remember me on this computer" option? This is actually unrelated to the OpenID part. Here's a language - you can do it in an unknowable way:

  • First, at least cookie_id and user_id Create a DB table together Add cookie_ttl and ip_lock if necessary. The names of the columns speak for me I think

  • On the first time login (if necessary with the "Remember me" option), Generate a long, unique, hard-guess The key (which is related to the user there is no way ) that shows cookie_id and it should be in code user_id . Store cookie_id as a cookie value with the cookie name known as, e.g. Remember. Give the cookie a long life, e.g. one year.

  • On each request, check whether the user is logged in or not. If not, check the cookie value cookie_id associated with the cookie name . If it is there and it is legitimate according to DB, then the user is connected to user_id and automatically suspend the cookie age and if any, in the DB cookie_ttl .

In Java / JSP / Charlotte words, add a cookie and use it to get cookies. You can check for the first time in a filter , which listens to the desired records, e.g. / * Or maybe a little more restricted.

Regarding the sessions, you do not need it here. It is a little too old to use the logged-in user or "found" user to use it to keep a valid memorize cookie in the same way as the filter Check the presence and then there is no need to check the cookies all the time.

All this is quite straight forward, after all the best wishes.

Also see:


Comments

Post a Comment

Popular posts from this blog

sql - dynamically varied number of conditions in the 'where' statement using LINQ -

I am using my first project LINQ (in mvc), so maybe there's something very simple that I remember. However, a day of searching and experimenting does not work, so it works. I am trying to write a LINQ query (Linux to SQL) in which in many cases where the statement is different from an OR or an AND. We do not know how many conditions are going in the query till runtime. This search is for filter control, where the user can choose multiple criteria for filtering. Select from table where table.col = 1 or table.col = 2 or table.col = 7 .... 'Other number of conditions Before I just create the SQL query as a string, while looping over all the situations. However, it seems that there should be a good way to do this in LINQ. I tried to use Expression trees, but they had a second thought for this moment on my head, where the lambda function was to be executed inside the statement such as: values ​​for matchingRows = matchingRows for each value Where (function (row) row.c...
Read more

asp.net mvc - Dynamically Generated Ajax.BeginForm -

I have a problem with ASP.NET MVC Ajax forms. I generate many Ajax form in a table such as: & Lt; Input type = "submit" name = "activity" value = "add activity" / & gt; & Lt;%}% & gt; & Lt; / TD & gt; & Lt; / TR & gt; & Lt;%}% & gt; So far so good. When I post one of those forms, it gives a partial view in a div, and in this new partial view a new Ajax Beginnform (which is not in Genesis form) This second Ajax Beginnorf is exactly like the ones I got on the table, but when I post it, I do not get the "Ajax Post", but a normal post that sends me to a new page, I do not know whether the two Ajax forms What is the reason for the difference between, why is it the "dynamically generated" Ajax form behaves like a normal HTML form? By the way, I know that I can do it in different ways using javascript, but I would like to understand whether it can only be done using MVC helplars and Ajax lib...
Read more

Debug on symbian -

I am using trk for phone debug This works well for the Holorld project But when I start the project in phone debug mode 1) the load failed 2) TrkProtocolPlugin: to target the specified file Failure (please verify If any body understands what problem I am experiencing, then this problem helps me Pre-release If the application has the privileges assigned (with the appropriate certificate) itemprop = "text" > In your case, I will check: / li> If there is no conflict of application ID with any other application of device If there are problematic commands in the installation package (for example copy copy for non-accessible directories)
Read more