Just to be clear Remember Me is NOT authentication. http://shiro.apache.org/java-authentication-guide.html#JavaAuthenticationGuide-%22RememberMe%22Support
I'm guessing you have already seen this: http://shiro-user.582556.n2.nabble.com/Keeping-track-of-user-s-last-login-date-td4909857.html basically implement a AuthenticationListener and RememberMeManager if you want both On Tue, Apr 28, 2015 at 11:26 AM, Rob W <[email protected]> wrote: > I am securing a web app running on Jetty using DefaultWebSessionManager > and the default CookieRememberMeManager. I need to implement logging of > last access whether authentication was via login or Remember Me, with a > precision of at least 24 hours (i.e. I want to know if someone accessed the > app that given day). A more precise last-access time would be even better, > of course. > The previous discussions I saw on this topic are a few years old and > didn't give a definitive answer, so I'm wondering: what the currently > accepted best way to implement logging of last access time? I'm sure this > is a common requirement, and I'm interested in hearing how others have > tackled it. > > Thanks in advance, > > Rob >
