tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rusty Wright <rusty.wri...@gmail.com>
Subject Re: "remember me" authentication?
Date Fri, 27 Feb 2009 00:41:09 GMT
Plan C: go for the gusto and use Spring Security (aka Acegi).  Learning Spring and Spring Security
should keep you busy for the next year or so.  Definitely looks good on the resume though.


Charl Gerber wrote:
> Hi everyone,
> 
> Does Tomcat provide default support in some way to implement a 'remember me' feature
for form based authentication? This should not be dependent on a user's browser remembering
the username/password, but by a checkbox you can check/clear on the logon jsp.
> 
> If so, where do I find it? If not, how can I implement it? My guess is that I store the
user credentials in a cookie, but how do I get every jsp/servlet in my application that requires
authentication to automatically retrieve this and skip authentication? Sounds like a lot of
overhead, unless Tomcat can take care of it.
> 
> Plan B, less desired, could be for the cookie to be read only in the logon (via javascript)
jsp and automatically fill the credentials. So the user only have to type 'Submit' to logon.
Not auto logon, but at least saves some typing. Pretty much the same as the browser would
have done it, except your app now has control.
> 
> Thanks!
> 
> Charl
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message