• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Remember Me Functionality Implementation

 
Vaibhav G Garg
Ranch Hand
Posts: 143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have to implement Remember Me Functionality in a web application. Please provide inputs to achieve the same. Also, if the cookies are disabled then what is the alternative so that if the user comes after 4-5 days, he is automatically logged in to the system when he hits the web site url.
 
harshvardhan ojha
Ranch Hand
Posts: 157
1
Android Java MySQL Database
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Vaibhav, use cookies for remember me and single sign on. I am not very sure but you can also use client IP to identify and validate him.
 
Vaibhav G Garg
Ranch Hand
Posts: 143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
harshvardhan ojha wrote:Vaibhav, use cookies for remember me and single sign on. I am not very sure but you can also use client IP to identify and validate him.


Thanks for your inputs Harshvardhan. But, generally the IP gets allocated dynamically and hence, it will be different each and every time.
 
harshvardhan ojha
Ranch Hand
Posts: 157
1
Android Java MySQL Database
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
then the only option you are left with is cookies, BTW cookies are the reliable way. Any specific requirement?
 
Ulf Dittmer
Rancher
Pie
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The way to do this are sessions, not cookies. And sessions work even in the absence of cookies (read up on URL rewriting, which is supported by the servlet specification).

And yes, using IP addresses has numerous problems that render this approach unusable in the general case.
 
harshvardhan ojha
Ranch Hand
Posts: 157
1
Android Java MySQL Database
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ulf, how can we identify a user next time using URL rewriting? I don't think user will bookmark my URL or I can't keep my session active for so long.
 
Ulf Dittmer
Rancher
Pie
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Doesn't the user have to log in? At which point he'd be authenticated?

But ultimately, if the user doesn't accept cookies then hid experience of the modern web will be diminished. I think thats's a perfectly acceptable tradeoff.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic