Hi @all,
i want to use the rememberme for a failover. I have overridden the
org.apache.shiro.web.mgt.CookieRememberMeManager to build my rememberme
cookies the way i want. As shiro does not support login on rememberme
out of the box, i want to ask where the best place is to do the
subject.login()?
Currently i extend the
org.tynamo.security.services.impl.SecurityConfiguration and in the
service() i do:
final WebSubject subject = new WebSubject.Builder(securityManager,
originalRequest, response).buildWebSubject();
if(subject != null && ! subject.isAuthenticated() &&
subject.getPrincipals() != null){
//read cookie credentials
subject.login();
It works, but i think this is not the best place?
Any suggestions are welcome.
Kind regards
David
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
