New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support For Reactive RememberMe Authentication #5504
Comments
@rwinch |
Sorry for the lack of response. With the ease of offloading sessions with things like Spring Session we generally just recommend using a longer session expiration and offloading the sessions into an external data store (i.e. Redis). There is already a hook with the ServerAuthenticationSuccessHandler which can mark the session maxIdleTime to be an increased value. Does this meet your needs? |
@rwinch You mean to say that the whole mechanish of RememberMe Authentication was develoved |
Yes. There are some features you may need in regards to marking when the user authenticated so you can perhaps perform custom authorization logic based on the amount of time that the last authentication occurred |
Thanks Rob. I got your point. |
For smaller monolith apps, it is still useful to be able to store the session tokens into the main DB and not have to deploy another storage (Spring session doesn't support Mongo). |
@cbornet Spring Session support MongoDb. Plese check this project: |
If you would like us to look at this issue, please provide the requested information. If the information is not provided within the next 7 days this issue will be closed. |
yeah, "supported". that MongoDB project last commit was 1.5 years ago (at the moment of this writing). Also look at how no one comments on issues over there, it's more a dead project than alive. |
I can't find the support for Reactive RemberMe Authentication based on Token and Persistence Store in
Reactive Web Security. For Persistence Remember Me we can use MongoDB instead of JDBC to keep
up the reactive means.
The text was updated successfully, but these errors were encountered: