Stack Overflow
Stack Overflow

Questions tagged [remember-me]

A way to store personal information to make it easier for a user to fill in forms or login to websites at a later time.

A "remember me" option is often used on login forms on websites. It is represented as a checkbox labeled "remember me" and stores either the username or a login token to re-login the user when visiting the website again.

525 questions
7
votes
1 answer

Issue with Spring Security remember me token not being set on SecurityContextHolder

I am encountering an issue with my remember me configuration: [nio-8080-exec-8] s.s.w.a.r.RememberMeAuthenticationFilter : SecurityContextHolder not populated with remember-me token, as it already contained:…
balteo
  • 23,602
  • 63
  • 219
  • 412
7
votes
2 answers

Is there a solution to the hole in "Improved Persistent Login Cookie Best Practice"?

Initial idea: In the article "Improved Persistent Login Cookie Best Practice," (http://jaspan.com/improved_persistent_login_cookie_best_practice) bjaspan suggests a clever means of catching a would-be cookie thief by creating a series identifier,…
xtraorange
  • 1,456
  • 1
  • 16
  • 37
7
votes
1 answer

Implementing remember me with token and series across multiple devices

I am attempting to implement a "remember me" utility using the system outlined here: Improved persistent login cookie However there is an issue with the logic here for me and was wondering if anyone can clear this up for me. A user is given a…
George Reith
  • 13,132
  • 18
  • 79
  • 148
7
votes
4 answers

How to implement remember me programatically in symfony2?

I have implemented a login function programmatically. This code is following: $token = new UsernamePasswordToken($user, $user->getPassword(), 'main', $user->getRoles()); $this->get('security.context')->setToken($token); $event = new…
Yajap
  • 365
  • 1
  • 3
  • 10
6
votes
1 answer

Best way for hashing a "remember me" cookie token

I'm trying to implement a "remember me" feature, following the guidelines provided here: The definitive guide to form-based website authentication, and here: http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice/ It appears…
Maxime Pacary
  • 22,336
  • 11
  • 85
  • 113
6
votes
2 answers

Spring Security RememberMe Services with Session Cookie

I am using Spring Security's RememberMe Services to keep a user authenticated. I would like to find a simple way to have the RememberMe cookie set as a session cookie rather than with a fixed expiration time. For my application, the cookie should…
Jarrod Carlson
  • 1,967
  • 4
  • 16
  • 20
6
votes
1 answer

Silex / Symfony2 Remember Me Authentication User Interface RedBean Wrapper

I've been trying to use RedBean ORM (http://redbeanphp.com) to implement UserInterface and UserProviderInterface of the Silex Security Provider Package. Because of the way the RedBean ORM handles functions for its objects, I've needed to wrap the…
christian
  • 2,279
  • 4
  • 31
  • 42
6
votes
5 answers

How to Remember username or password for login form

I have created a sample Login form in C# Windows Form Application and what I want is to add Remember username or password feature to my login form. I just need to provide my username, cause it will remember my password and automatically fill in the…
Smith
  • 137
  • 2
  • 2
  • 5
6
votes
6 answers

Chapter 8 Rails Tutorial Remember Token Errors

This chapter is on adding remember tokens to ensure that the user signin status is remembered and that the session is only cleared when the user explicitly signs out. I understand the importance of having this feature in my app, so want to make sure…
skirmishdirmish
  • 63
  • 1
  • 3
5
votes
2 answers

How can I listen for “remember me” reauthentication events in Symfony2?

Using “normal” — not “remember me” authentication — I can set a success and failure handlers, adding this to the security.yml file: form_login: # ... success_handler: authentication_handler failure_handler: authentication_handler But I…
Elnur Abdurrakhimov
  • 44,533
  • 10
  • 148
  • 133
5
votes
2 answers

Rails -- "remember me" capability

I am having trouble understanding the implementation of "Remember Me" in the Ruby on Rails Tutorial by Michael Hartl. He creates a SessionsHelper module with methods for signing in, containing the following: module SessionsHelper def…
Kvass
  • 8,294
  • 12
  • 65
  • 108
5
votes
5 answers

Difference between creating a session and a cookie?

I'm working on my first website with the Play! framework, and at one point I'm calling this method when the user logs in: static void connect(User user){ session.put("userid", user.id); } Simply storing the userid in a session, and I can check…
user393964
5
votes
1 answer

Do not ask login for rememberMe users in checkout process etc. in SAP Hybris

When I make rememberMe(spring security) active in Hybris, I want rememberMe users to behave like Hard Login users. I mean, I would like those rememberMe users (soft login) to not face any obstacle like when they want to proceed in the checkout…
Hatip Kabak
  • 316
  • 2
  • 22
5
votes
2 answers

Best way for authentication in PHP

What's the best and most secure way to go when writing an authentication library in a model-view-controller way? The things that give me a hard time are keeping track of the users activity and remembering users via a cookie or storing sessions in…
John Hank
5
votes
2 answers

remember_me with warden

For my lastest project I'm using https://github.com/hassox/rails_warden. It suits my needs very well except that I can't find a good way to implement remember_me. I know that it's notoriously difficult to get remember_me right from a security point…
opsb
  • 29,325
  • 19
  • 89
  • 99
1 2 3
34 35