1

After connecting to udemy course or gmail inbox through my login, browser never again asks for user authentication.

Need to delete browser history, to re-enter user authentication on both chrome & firefox.

What is the cache mechanism of a browser to retrieve & maintain such user information persistently, on hard disk? Is server involved in this cache mechanism?

overexchange
  • 15,768
  • 30
  • 152
  • 347
  • I would go for cookies – jeprubio Dec 24 '17 at 05:29
  • @jeprubio Is cookie creation & maintenance has nothing to do with back end server? – overexchange Dec 24 '17 at 05:34
  • Is usually the way browsers remember the user is logged in. Remove the cookies and you'll see you are not logged in anymore. – jeprubio Dec 24 '17 at 05:38
  • @jeprubio wiki says, *is a small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing* So, Is cookie created by server and sent to client browser? – overexchange Dec 24 '17 at 05:42

1 Answers1

1

You should have a look at Improved Persistent Login Cookie Best Practice.

And also here.

You basically need cookies to remember that the user has logged in. But never save things like the username and password, just a token.

jeprubio
  • 17,312
  • 5
  • 45
  • 56
  • To do it with java I would follow this guide https://stackoverflow.com/questions/5082846/how-to-implement-stay-logged-in-when-user-login-in-to-the-web-application I've read it and all seems correct. – jeprubio Dec 24 '17 at 09:39