Hi
Is securityfilter able to autologin users that have enabled their
persitent login via cookies?
In the moment these users have to push the login button again, although
they do not have to enter their username and password.
// process any persistent login information, if user is not
already logged in,
// persistent logins are enabled, and the persistent login info
is present in this request
if (
request.getRemoteUser() == null
persistentLoginManager != null
persistentLoginManager.rememberingLogin(request)
) {
String username =
persistentLoginManager.getRememberedUsername(request, response);
String password =
persistentLoginManager.getRememberedPassword(request, response);
Principal principal = realm.authenticate(username, password);
if (principal != null) {
request.setUserPrincipal(principal);
} else {
// failed authentication with remembered login, better
forget login now
persistentLoginManager.forgetLogin(request, response);
}
}
This piece of code seems to be responsible for the persistent login on
the form submission. But this is only called in processLogin
(FormAuthenticator) when the login Form is submitted. If this
persistent login failes the form-input is taken.
Thanks, Tobias
PS: Is it possible to make securityfilter work with tiles xml-file definitions?
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]