Does anyone know of a proper way of implementing a "Remember Me" or autologin function with the j_security_check?
We have an application that uses a fully in JSP implemented login, that is going to be reimplemented with the more cleaner Realm based authentication and authorization module in Tomcat. The problem is that the current solution also has a "Remember Me" function and I have no idea on how to do this properly. I have found some answers on doing this with the Valve mechanism, but isn't there a nicer way of doing this?
Joined: Sep 10, 2007
After months (well, weeks actually) of research I just gave up and implemented an open source project called SecurityFilter (http://securityfilter.sourceforge.net/). It provides pretty much the same functionality as the default servlet specification for security, but has the remember me function built in. It also provides security on application level, instead of container level. [ May 28, 2008: Message edited by: Kah Tang ]