Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-56503

As a Portal Administrator - I would like tokens to be used to autologin users instead of storing the password in a cookie.

    Details

      Description

      Currently, when a user signs into the portal with the "Remember Me" option checked, the portal stores that user's password in the cookie.

      This can be a security risk. Instead, the feature request is to not store the password in the cookie, and use tokens to autologin the user.

      This post provides a description of how this might be accomplished.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              zsigmond.rab Zsigmond Rab
              Reporter:
              michael.wine Michael Wine
              Votes:
              2 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:

                  Packages

                  Version Package