views:

32

answers:

1

Hello, I am using Spring security in my application and wish to know if there is a way to "ask" spring to only remember the user-name of the user that comes to the application (by means of the remember-me checkbox). What I could gather from the reference documentation is that Spring is able to save the userName and the password of the user, and directly log him/her in the next time. But what I want is that user be taken to the login page each time he comes back, but with his user-name already typed in.

Ofcourse if Spring doesn't have a way to do this, I would need to implement some cookie storage logic to take care of this requirement.

Many thanks for your answers as always.

+2  A: 

So, you need to set a cookie containing the user name after authentication, and access it during rendering of the login page.

If you use Spring Security 3.x, the former can be done by subclassing AuthenticationSuccessHandler (SavedRequestAwareAuthenticationSuccessHandler is the default implementation) and setting a cookie with response.addCookie().

The latter is a regular cookie access (request.getCookies(), etc).

axtavt
Thanks mate. So is it confirmed, that Spring Security f/w itself doesn't provide a way to remember only the user-name (it can remember only user-sessions) on the application?
PaiS
@PaiS: Yes, Spring Security's Remember Me doesn't support this scenario, and there are no other features for it.
axtavt

related questions