'm helping to maintain an app that uses Apache Shiro. We want our users to be able to logout, but keep their "remember me" cookie, but apparently this isn't supported by Shiro (scroll to bottom of page):
https://shiro.apache.org/java-authentication-guide.html /*When you log out in Shiro it will close out the user session and removes any associated identity from the subject instance. If you're using RememberMe in a web environment, then .logout() will, by default, also delete the RememberMe cookie from the browser.*/ What's the best way to achieve this goal? -- View this message in context: http://shiro-user.582556.n2.nabble.com/Keep-remember-me-cookie-when-logging-out-tp7579637.html Sent from the Shiro User mailing list archive at Nabble.com.
