I have to implement Remember Me Functionality in a web application. Please provide inputs to achieve the same. Also, if the cookies are disabled then what is the alternative so that if the user comes after 4-5 days, he is automatically logged in to the system when he hits the web site url.
Vaibhav, use cookies for remember me and single sign on. I am not very sure but you can also use client IP to identify and validate him.
Vaibhav G Garg
Ranch Hand
Joined: Sep 23, 2011
Posts: 83
posted
0
harshvardhan ojha wrote:Vaibhav, use cookies for remember me and single sign on. I am not very sure but you can also use client IP to identify and validate him.
Thanks for your inputs Harshvardhan. But, generally the IP gets allocated dynamically and hence, it will be different each and every time.
then the only option you are left with is cookies, BTW cookies are the reliable way. Any specific requirement?
Ulf Dittmer
Marshal
Joined: Mar 22, 2005
Posts: 35241
7
posted
0
The way to do this are sessions, not cookies. And sessions work even in the absence of cookies (read up on URL rewriting, which is supported by the servlet specification).
And yes, using IP addresses has numerous problems that render this approach unusable in the general case.
Ulf, how can we identify a user next time using URL rewriting? I don't think user will bookmark my URL or I can't keep my session active for so long.
Ulf Dittmer
Marshal
Joined: Mar 22, 2005
Posts: 35241
7
posted
0
Doesn't the user have to log in? At which point he'd be authenticated?
But ultimately, if the user doesn't accept cookies then hid experience of the modern web will be diminished. I think thats's a perfectly acceptable tradeoff.
0
