This article is a little old but I always liked it's articulation of general principles.
http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice/ WILL On Fri, Mar 27, 2009 at 1:32 PM, jschmidt <[email protected]> wrote: > > > this is done saving a cookie on the users computer (either one that does > not expire or one that expires after a 14 days period, according to your > samples). > > How to implement this depends on the way you are authenticating your > user and what kind of security you are using. > > Maybe I can help you if you can provide some details about the secrity > implementation you are using. > > I'm trying to authenticate the user like in the click example: > http://www.avoka.com/click-examples/security/login.htm > (since this if put on SSL looks good enough. Also it's much more portable > than the webcontainer solution described in the clickdocs/BestPractice, > especially if I want to use my own roles and not depend on tomcat's > tomcat-users.xml ) > > I will also try to make this work with Cayenne (but without Spring - > unfortunately the examples are all Spring based :( ). > > Thanks, > Joseph. > -- > View this message in context: > http://n2.nabble.com/How-to-do-the-%22Remember-me-on-this-computer%22-functionality--tp2546109p2546514.html > Sent from the click-user mailing list archive at Nabble.com. > >
