Hi Les, I debugged the filter and rememberme manager. Probably I misunderstand something.
Should the rememberme manager recreate the subject as authenticated user, or just validate the cookie content, recreate the subject with roles, but not mark it as authenticated? The information what the home page displays suggests that the user is valid (logged in) on server side - as it shows the username and roles. But than again it is a sample application. So the change needed in the sample app is to show the username in the login window that was displayed during a non-authenticated acccess to the protected 'account' page with a valid principal in the session, and perhaps display on the home page that the subject is not authenticated? Thanks, Csaba Les Hazlewood-2 wrote: > > Hi Csaba, > > It did work prior to 9.0 final, but there were some changes/moves with all > the sample applications that might cause it to fail. There is currently a > Jira issue to ensure that all sample apps run successfully, as a sanity > check, before releasing 1.0. > > Of course, we'd love to have any contributions you might have that point > out > where something is failing! I'm very appreciative of any feedback you may > have. > > Best, > > Les > > On Mon, Feb 2, 2009 at 5:05 PM, Csaba Nemeth <[email protected]> > wrote: > >> >> As it looks like the sample web application should work with remember-me >> functionality by default. >> >> Here is what I try: >> I click login >> I select remember-me checkbox, enter username/password and successfully >> login >> I can visit the 'account' page >> I restart browser and visit home page, it looks like I am still logged >> in >> when I try to access the 'account' page I am given a login page as if I >> wasn't logged in. >> >> Am I missing something? >> Shouldn't this work out of the box? >> >> I tried with 9.0 final and 1.0 snapshot - both work the same way. >> >> Thanks, >> Csaba >> -- >> View this message in context: >> http://n2.nabble.com/rememberme-doesn%27t-work-in-sample-web-application-tp2260537p2260537.html >> Sent from the JSecurity User mailing list archive at Nabble.com. >> >> > > -- View this message in context: http://n2.nabble.com/rememberme-doesn%27t-work-in-sample-web-application-tp2260537p2263828.html Sent from the JSecurity User mailing list archive at Nabble.com.
