[jbossseam-issues] [JBoss JIRA] Closed: (JBSEAM-863) Remember-Me automatic authentication
Gavin King (JIRA)
jira-events at lists.jboss.org
Sat Feb 17 11:32:31 EST 2007
[ http://jira.jboss.com/jira/browse/JBSEAM-863?page=all ]
Gavin King closed JBSEAM-863.
-----------------------------
Resolution: Won't Fix
We discussed this and decided against it. All web browsers are able to remember passwords and match them to user ids, so remembering the user id is enough.
Note that hashing the password doesn't help, since its easy to just find the hashed value in the cookies and send that to the server.
> Remember-Me automatic authentication
> ------------------------------------
>
> Key: JBSEAM-863
> URL: http://jira.jboss.com/jira/browse/JBSEAM-863
> Project: JBoss Seam
> Issue Type: Feature Request
> Components: Security
> Reporter: H T
> Fix For: 1.1.7.GA
>
>
> Extend the behaviour of Remember-Me to automatically authenticate the user after they have selected the "Remember Me" service rather than have him or her re-enter their password each time.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the seam-issues
mailing list