myfaces-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Craig McClanahan <craig...@apache.org>
Subject Re: stay signed on
Date Thu, 02 Feb 2006 01:45:07 GMT
On 2/1/06, frohman@pacbell.net <frohman@pacbell.net> wrote:
>
> A lot of web sites allow a user to "stay signed on". That is,
> if they sign on, there is an option so that when
> they close the browser, the next time the go to the site, they
> do not need to log on again. It involves a persistent cookie.
> I was wondering if anyone knows of a framework, or best practices,
> or recommendations, whatever, to do this.
>
> Thanks,
> Lance
>
>
> I can point you at an example of how to implement this.

The Shale[1] "use cases" example application includes a dialog for login +
"create profile" that includes the "Remember Me" capability via a cookie.
I've tested it lightly, but it does work, although you'd want to review the
way that the cookie value actually gets generated to reduce opportunities
for spoofing in a real application.  You can  grab a recent nightly build[2]
and deploy this app (shale-usecases-YYYYMMDD.war) and give it a try.  The
sources for this are in the shale-framework-YYYYMMDD download.

Craig

[1] http://struts.apache.org/struts-shale/
[2] http://cvs.apache.org/builds/struts/nightly/struts-shale/

Mime
View raw message