Spring Security
  1. Spring Security
  2. SEC-1603

Add authentication-success-handler-ref attribute to <remember-me> tag

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Complete
    • Affects Version/s: 3.1.0.M2
    • Fix Version/s: 3.1.0.RC1
    • Component/s: Web
    • Labels:
      None
    • Environment:
      n/a

      Description

      IMHO, I think it would be extremely helpful to some web developers to be able to specify a specific page to be loaded when a user is "logged in" via rememberMeServices, right out of the box. This is especially true for developers who set the always-use-default-target="true" in the <form-login> tag. If you want the <remember-me> tag to act in the same manor, the learning curve gets pretty steep.

      It would also be useful if the user's session always needs to be re-iniated by the web application after an expired session. Having the target-url go to a page the tells the user their session has expired, they are being redirected to a "start page", and automatically logged-in is helpful.

        Issue Links

          Activity

          Hide
          Christopher Smith added a comment -

          I'd like to chime in in support of this feature. We need to be able to set some account information as Session attributes, and remember-me is currently useless to us without this hook. (Writing a filter is much more difficult, less reusable, and lower-performing than a success handler.)

          Show
          Christopher Smith added a comment - I'd like to chime in in support of this feature. We need to be able to set some account information as Session attributes, and remember-me is currently useless to us without this hook. (Writing a filter is much more difficult, less reusable, and lower-performing than a success handler.)
          Hide
          Luke Taylor added a comment -

          The RememberMeAuthenticationFilter now supports injection of an AuthenticationSuccessHandler. Without it, the behaviour remains as it was before. Namespace support has also been added via an authentication-success-handler-ref attribute on the remember-me element.

          Show
          Luke Taylor added a comment - The RememberMeAuthenticationFilter now supports injection of an AuthenticationSuccessHandler. Without it, the behaviour remains as it was before. Namespace support has also been added via an authentication-success-handler-ref attribute on the remember-me element.

            People

            • Assignee:
              Luke Taylor
              Reporter:
              Burton Rhodes
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: