[Acegisecurity-developer] setting attributes for remember-me cookie

Fri, 24 Feb 2006 07:34:05 -0800 

Hi Everyone.

Mabye there's already a really simple solution that's been staring me
in the face but I'm not seeing it.  I'm setting up the "remember-me"
functionality for this project I'm working on, and due to project
technical considerations, I've have to re-implement parts of the
remember-me in the login controller instead of using the
authentication filter.

So basically what's happening is that on a successful login, the login
controller will be making a call to the
rememberMeServices.loginSuccess(), to set the remember-me cookie.

But when I set out to test it, it didn't work.  I dug around a bit and
I think I found the problem, the application runs under the context
/foo, and the login controller url is found at /foo/login, so the
acegi remember-me cookie gets set with a path of /foo/login - which
makes it fall out of scope when accessing /foo, if i understand the
functionality of cookies right.

So I've been looking at the code in acegi, and it seems like a Cookie
is simply created with defaults in the TokenBasedRememberMeServices.  
So it would appear to me that I would need to subclass certain parts
of this code to get it to set the path to something different than the
default.

I scoured the forums and mailing list and did not find anyone bringing
up this issue.   I suspect it's because everyone (?) so far might have
been using the filter based login.  Which we are not, so this would
not be a problem for them.

So, I thought I'd bring it up on the list.. see what you guys think
should be done.

-tim


-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid0944&bid$1720&dat1642
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer

Reply via email to