User can login using username or email address. If current domain is not bound to any subsystem, user can select the subsystem to login into. To hide subsystem selection, set property login.select.subsystem to false in conf/system.properties.
login.select.subsystem=falseClear cache under system module, and system.properties will be reloaded.
cookie name: credential cookie value: username/double-encoded-passwordThe password is encoded twice using one-way MD5 hash, and it is not possible to guess plain password.
Cookie age can be configured in the ViewConfig of an embedded login object using parameter credential.cookie.age. Its value is a number of days. Default cookie age is 90 days.
The cookie expiration date will be refresh every time the cookie is used to authenticate user successfully. So the cookie will never expire if user accesses the system/subsystem before its expiration date.
<viewConfig> <param name="credential.cookie.age" value="120" /> </viewConfig>
The credential cookie will be removed in the following cases:
If user changes password, the credential cookie will become invalid. The cookie will be removed once the system fails to authenticate the user by the cookie.