[LPS-56503] As a Portal Administrator - I would like tokens to be used to autologin users instead of storing the password in a cookie. - Liferay Issues

XML

Word

Printable

Details

Type: Feature Request
Status: Pending Further Research
Priority: Minor
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: Application Security > Auto Login
Labels:
- SME-could-7.2
- ee-nf

Description

Currently, when a user signs into the portal with the "Remember Me" option checked, the portal stores that user's password in the cookie.

This can be a security risk. Instead, the feature request is to not store the password in the cookie, and use tokens to autologin the user.

This post provides a description of how this might be accomplished.

Attachments

Issue Links

mentioned in: Page Loading...

Activity

People

Assignee:: Zsigmond Rab

Reporter:: Michael Wine

Votes:: 2 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 18/Jun/15 2:52 PM

Updated:: 18/Apr/22 10:11 AM

Packages

Version	Package