Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Chapter on config, as of upcoming 1.3.0

HTTP Login Adapter

The login-service-adapter org.clazzes.login.adapter.http listens for providers of the DomainPasswordLoginService interface and exports them adapted as a HttpLoginService (see


Starting with version 1.2.0 of http-login-adapter, the timezone of the user logging in is determined via javascript and propagated to the server as the login time zone, when the configuration parameter doTimeZoneDetection=true is set. The login timezone may be queried using HttpLoginServer.getTimeZone() or ThreadLocalManager.getLoginTimeZone() when using HttpCheckLoginInterceptor of http-aop-util-1.2.0 or later

URL scheme and parameters

The login time zone and/or login local may be overwritten using URL parameters to the login service like in the following examples:

login URLremarks
login with the browser's default locale and Los Angeles time zone
login with a timezone with fixed offset and a french locale.
login with a french canadian locale.


There is a small testpad application to play with this adapter.





The following configuration overview is valid as of version 1.3.0, which will be released around 2013-10-28.

doTimeZoneDetectionSet to true for multi-time-zone applications. Defaults to false.
failureTimeoutDelay penalty after bad login attempts, in ms. Default to 500.
secureCookieWether to flag the session cookie as secure. Defaults to false.
Set to true for https-only operations, which is highly recommended.
sessionCookieName of session cookie. Defaults to LOGIN_SESSION_ID.
sessionTimeoutSession timeout in minutes. Defaults to 180 (=3 hours).