[
https://issues.apache.org/jira/browse/WICKET-2591?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12791994#action_12791994
]
Marat Radchenko commented on WICKET-2591:
-----------------------------------------
So you expect me to use some magic values for login/password string in order to
identify that other one is actually _not_ a login/password, but cookie value?
That's a hack.
I don't see what's the problem with giving protected access to signedIn. After
all, AuthenticatedWebSession subclass already can set it (by calling signIn on
itself and returning proper value from authenticate).
> Allow subclasses of AuthenticatedWebSession to set "signedIn" field
> -------------------------------------------------------------------
>
> Key: WICKET-2591
> URL: https://issues.apache.org/jira/browse/WICKET-2591
> Project: Wicket
> Issue Type: Improvement
> Components: wicket-auth-roles
> Affects Versions: 1.4.3
> Reporter: Marat Radchenko
>
> My app implements "remember me" service by setting cookie in authenticate
> method of custom session that subclasses AuthenticatedWebSession.
> In order to automatically login user if cookie present, i need to set
> "signedIn" field to true when session is created, however it isn't possible
> since "signedIn" is private and no way to set it is available.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
