Skip to content

Fix remember me functionality #17292

New issue
New issue
Open
Open
Fix remember me functionality#17292
Labels
status: waiting-for-triageAn issue we've not yet triagedtype: bugA general bug
@kubav182

Description

@kubav182
kubav182
opened on Jun 18, 2025

Describe the bug
There are more than 1000 opened issues and some issues are 10 years old down on the list. Some of them are about PersistentTokenBasedRememberMeServices which throws CookieTheftException when parallel requests are fired. I think its time to fix remember me functionality cause now it does not fit real world use cases so it is useless. Or let us know some working solution/configuration if we dont want to store password in cookie via TokenBasedRememberMeServices.

#2449
#2253
#2648
#3079
#3801

To Reproduce
Try to renew session with remember me by me making 2 and more parallel requests. It throws CookieTheftException.

Expected behavior
It should renew session for the first request and handle correctly others.

Metadata

Metadata

Assignees

No one assigned

    Labels

    status: waiting-for-triageAn issue we've not yet triagedtype: bugA general bug

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions