[
http://jira.jboss.com/jira/browse/JBSEAM-863?page=all ]
Gavin King closed JBSEAM-863.
-----------------------------
Resolution: Won't Fix
We discussed this and decided against it. All web browsers are able to remember passwords
and match them to user ids, so remembering the user id is enough.
Note that hashing the password doesn't help, since its easy to just find the hashed
value in the cookies and send that to the server.
Remember-Me automatic authentication
------------------------------------
Key: JBSEAM-863
URL:
http://jira.jboss.com/jira/browse/JBSEAM-863
Project: JBoss Seam
Issue Type: Feature Request
Components: Security
Reporter: H T
Fix For: 1.1.7.GA
Extend the behaviour of Remember-Me to automatically authenticate the user after they
have selected the "Remember Me" service rather than have him or her re-enter
their password each time.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira