[
https://jira.codehaus.org/browse/MRM-1841?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sascha Vogt reopened MRM-1841:
------------------------------
Upgraded to the mentioned commit and I can now see the username / password /
rememberme in the cookie, nevertheless I'm still logged out and have to
re-login.
Additionally: Is it a good idea to store the password in the cookie? Wouldn't
it be better to have a token stored there? Using LDAP the cookie exposes the
domain password of the user, which is pretty bad. A token would only give an
attacker access to one system instead of the whole domain.
> "Remember me" not working
> -------------------------
>
> Key: MRM-1841
> URL: https://jira.codehaus.org/browse/MRM-1841
> Project: Archiva
> Issue Type: Bug
> Affects Versions: 2.0.1
> Reporter: Sascha Vogt
> Assignee: Olivier Lamy
> Fix For: 2.1.0
>
>
> The remember me feature doesn't seem to work. I get logged out quite
> frequently (didn't use a stopwatch, but about 10-15 minutes of inactivity are
> sufficient to log me out)
--
This message was sent by Atlassian JIRA
(v6.1.6#6162)
