Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
[Security] Remember me does not check the checkPreAuth #10242
I was debugging a situation where a user is still logged in our system after we blocked the user. I found that the RememberMeAuthenticationProvider does not check the checkPreAuth. The user could still browse the system after we blocked them.
I found this pull request #9902