jschmidt wrote:
This is not a problem because I don't use it since it's not a portable solution. I want my webapplication's WAR to be simply drop-able somewhere else and work too :). I simply don't understand why there's no simple standard for this (JAAS looks very very complicated to me). So in the mean time I'm going the use the Click solution, and maybe later a security filter :).
I think SecurityFilter[1] has "Remember me" functionality. It is not as sophisticated as Spring Security and Ki (JSecurity) though.
For Servlet 3.0 specification they are introducing programmatic login and logout. This should make "Remember me" functionality a bit easier to implement in a standard way.
kind regards bob [1]: http://securityfilter.sourceforge.net/
