Burton Rhodes (Migrated from SEC-1603) said:
IMHO, I think it would be extremely helpful to some web developers to be able to specify a specific page to be loaded when a user is "logged in" via rememberMeServices, right out of the box. This is especially true for developers who set the always-use-default-target="true" in the tag. If you want the tag to act in the same manor, the learning curve gets pretty steep.
It would also be useful if the user's session always needs to be re-iniated by the web application after an expired session. Having the target-url go to a page the tells the user their session has expired, they are being redirected to a "start page", and automatically logged-in is helpful.
Christopher Smith said:
I'd like to chime in in support of this feature. We need to be able to set some account information as Session attributes, and remember-me is currently useless to us without this hook. (Writing a filter is much more difficult, less reusable, and lower-performing than a success handler.)
Luke Taylor said:
The RememberMeAuthenticationFilter now supports injection of an AuthenticationSuccessHandler. Without it, the behaviour remains as it was before. Namespace support has also been added via an authentication-success-handler-ref attribute on the remember-me element.