views:

78

answers:

1

I have implemented spring security's remember me feature in our app, the way i understand it, If user opens main page directly and he is not authenticated by spring, he is taken to the login page. if he is authenticated, he stays on the main page.

However in our application, the user is likely to start the login page first (and is likely to have bookmarked our login page)

Is there any way by which the login page is smart enough to understand that the user is authenticated and redirect itself to the main page ?

I thought this approach:

Login page looks for spring's cookie, finds it, assumes user is authenticated, redirects to main page.

Problem with this approach: Suppose user is no longer valid, Login finds the cookie, redirects to main, Main does not find user to be valid, returns to login, login finds cookie, redirects to main ....and so on

Is there any other way for the remember me to be implemented ?

Or is there any way for login to (make an ajax call) and authenticate the user using that cookie ?

A: 

Solution resolved by the answer given by matt raible in

matt raible's reply

Salvin Francis