I have my Spring MVC & Spring Security up and running as suggested by Spring's own reference application "petclinic". Everything's fine except that the login does not persist a browser restart.
What has to be considered to make sure a logged in user does not need to relogin after browser restart?