[jboss-user] [JBoss Seam] - Re: Security Remember Me Functionality
hstang
do-not-reply at jboss.com
Fri Feb 16 18:35:07 EST 2007
Just wondering whether it's possible to extend the behaviour of the Remember Me to automatically authenticate the user after they have selected the "Remember Me" service rather than have him or her re-enter their password.
Perhaps store a cookie of the following format:
username + expiry + hash[username + expiry + password]
Then upon cookie retrival, validate expiry, obtain password from username, re-calculate and validate hash[username + expiry + password]
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4017957#4017957
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4017957
More information about the jboss-user
mailing list