Something that you may have noticed by now, with our remember me implementation, is that it works very well until the application server is restarted, at which point the user's session is forgotten. This could be inconvenient for our users, who shouldn't have to pay attention to the maintenance and ups and downs of JBCP Pets.
Fortunately, Spring Security provides the capability to persist
rememberme tokens any store implementing the
o.s.s.web.authentication.rememberme.PersistentTokenRepository interface, and ships with a JDBC implementation of this interface.
Modifying our remember me configuration at this point to persist to the database is surprisingly trivial. ...