[ https://issues.apache.org/jira/browse/WICKET-2591?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12791994#action_12791994 ]
Marat Radchenko commented on WICKET-2591: ----------------------------------------- So you expect me to use some magic values for login/password string in order to identify that other one is actually _not_ a login/password, but cookie value? That's a hack. I don't see what's the problem with giving protected access to signedIn. After all, AuthenticatedWebSession subclass already can set it (by calling signIn on itself and returning proper value from authenticate). > Allow subclasses of AuthenticatedWebSession to set "signedIn" field > ------------------------------------------------------------------- > > Key: WICKET-2591 > URL: https://issues.apache.org/jira/browse/WICKET-2591 > Project: Wicket > Issue Type: Improvement > Components: wicket-auth-roles > Affects Versions: 1.4.3 > Reporter: Marat Radchenko > > My app implements "remember me" service by setting cookie in authenticate > method of custom session that subclasses AuthenticatedWebSession. > In order to automatically login user if cookie present, i need to set > "signedIn" field to true when session is created, however it isn't possible > since "signedIn" is private and no way to set it is available. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.