SEC-1603: Add authentication-success-handler-ref attribute to <remember-me> tag #1842

spring-issuemaster opened this Issue Oct 26, 2010 · 2 comments


None yet
1 participant

Burton Rhodes (Migrated from SEC-1603) said:

IMHO, I think it would be extremely helpful to some web developers to be able to specify a specific page to be loaded when a user is "logged in" via rememberMeServices, right out of the box. This is especially true for developers who set the always-use-default-target="true" in the tag. If you want the tag to act in the same manor, the learning curve gets pretty steep.

It would also be useful if the user's session always needs to be re-iniated by the web application after an expired session. Having the target-url go to a page the tells the user their session has expired, they are being redirected to a "start page", and automatically logged-in is helpful.

Christopher Smith said:

I'd like to chime in in support of this feature. We need to be able to set some account information as Session attributes, and remember-me is currently useless to us without this hook. (Writing a filter is much more difficult, less reusable, and lower-performing than a success handler.)

Luke Taylor said:

The RememberMeAuthenticationFilter now supports injection of an AuthenticationSuccessHandler. Without it, the behaviour remains as it was before. Namespace support has also been added via an authentication-success-handler-ref attribute on the remember-me element.

@spring-issuemaster spring-issuemaster added this to the 3.1.0.RC1 milestone Feb 5, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment