remember-me

问题 What is the best way to implement ' remember me ' functionality on an ASP.NET web site? Should I use custom cookies or is there a simpler method? 回答1: Are you using the built in Authenication services provided by ASP.NET? If so, its pretty easy. 回答2: For me the solution was differentiating between a browser-session cookie (not to be confused with the asp.net session cookie) and a persistent one - setting a low expiration will create a persistent cookie meaning it gets remembered when the

问题 Authentication and Authorization is working properly. But remember me is not working properly in the application. I have used both database authentication and ldap authentication using spring security (only one at a time) with lot of spring security customization. Below is my spring security context file. <?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3

问题 I'm using Spring Security 3.0.0 and persistent RememberMe. When the server restarts and a browser window is still open , we need to be able to continue using the application without having to login - if remember me is selected. I'm getting a org.springframework.security.web.authentication.rememberme.CookieTheftException: Invalid remember-me token (Series/token) mismatch. Implies previous cookie theft attack, when I try to continue to use the application after a server restart. What I notice

问题 I'm using Spring Security 3.0.0 and persistent RememberMe. When the server restarts and a browser window is still open , we need to be able to continue using the application without having to login - if remember me is selected. I'm getting a org.springframework.security.web.authentication.rememberme.CookieTheftException: Invalid remember-me token (Series/token) mismatch. Implies previous cookie theft attack, when I try to continue to use the application after a server restart. What I notice

问题 How can i configure remember-me service in spring security.Am using spring3.0 +hibernate3+ struts2.I have tried as below. login.jsp <input type="checkbox" name="_spring_security_remember_me"/>remember-me applicationContext-security.xml <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:s="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org

问题 I am using Spring Security with a login page and a remember-me filter. The remember-me filtering can happen on any page of the application. But I want the same behaviour both when the user is authenticated from login page and from the cookie: I want to set some user information in session I want to redirect the user to the home page (always-use-default-target="true") I have seen that the success-handler for the remember-me tag is supported by Spring Security since the 3.1.0 (https://jira

问题 I am using Spring Security with a login page and a remember-me filter. The remember-me filtering can happen on any page of the application. But I want the same behaviour both when the user is authenticated from login page and from the cookie: I want to set some user information in session I want to redirect the user to the home page (always-use-default-target="true") I have seen that the success-handler for the remember-me tag is supported by Spring Security since the 3.1.0 (https://jira

问题 I have a Grails application with spring-security-ldap plugin installed and configured with Active Directory specific options. Grails version: 2.1.1. spring-security-core plugin version: 2.0-RC2 spring-security-ldap plugin version: 2.0-RC2 Everything works fine: users log in to the application validating against the Active Directory and their groups are retrieved in order to control the access to the different pages. My problem: "remember me" option doesn't work. I have configured the

问题 I'm trying to create a simple login window with the very common 'Remember me' functionality. The login validation is done AJAX style, thus the browser won't remember my input. My approach is to use the built-in state functionality, but how to use it confuses me. Ext.state.Manager.setProvider(new Ext.state.CookieProvider({ expires: new Date(new Date().getTime()+(1000*60*60*24*7)), //7 days from now })); ... { xtype: 'textfield', fieldLabel: 'User name', id: 'txt-username', stateful: true,

问题 I am trying to implement "remember me"/"autologin" functionality. I have stored a cookie at the client but when should I read it? If I try to do that in a filter, for example, I won't have access to my application-scoped beans which I use to access the db. What are the best practices to do that? 回答1: It depends a little on how your current login exactly works. Is it a container login followed by custom stuff (like putting some object in the session) or only custom? In the first case you can't