-
May 14th, 2012, 10:06 AM
#1
Session-Only Remember-Me cookie (Enhancement RQ)
In a couple of projects I had to use Remember-Me services with a session-only cookie.
The idea is to keep the user's authentication state across server restarts, application crashes and redeploys, and session time-outs. This provides a bit of enhanced user experience.
I used to do this with a TokenBasedRememberMeServices subclass, that would always add a cookie, but it would be session-only if no remember-me trigger parameter was supplied, or persistent (as per default behaviour) if the trigger parameter is supplied.
Now I am using xml schema configuration, and found it hard to use a sub-class.
Request For Enhancement:
Add a flag to add a session cookie if long-term cookie is not required.
Last edited by Lachezar; May 14th, 2012 at 10:16 AM.
И'м ватцхинг ъоу...
-
May 14th, 2012, 03:49 PM
#2
Your session cookie is supposed to go away when your session ends. How would the this work without making the session cookie not a session cookie?
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
Reply With Quote