diff --git a/src/main/java/net/slipp/social/security/SlippTokenBasedRememberMeServices.java b/src/main/java/net/slipp/social/security/SlippTokenBasedRememberMeServices.java
index e8a97d20..4c9bef4a 100644
--- a/src/main/java/net/slipp/social/security/SlippTokenBasedRememberMeServices.java
+++ b/src/main/java/net/slipp/social/security/SlippTokenBasedRememberMeServices.java
@@ -10,7 +10,10 @@
import net.slipp.domain.ProviderType;
+import org.springframework.security.authentication.RememberMeAuthenticationToken;
import org.springframework.security.core.Authentication;
+import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
+import org.springframework.security.core.authority.mapping.NullAuthoritiesMapper;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.codec.Hex;
@@ -20,6 +23,7 @@
import org.springframework.util.StringUtils;
public class SlippTokenBasedRememberMeServices extends AbstractRememberMeServices {
+ private GrantedAuthoritiesMapper authoritiesMapper = new NullAuthoritiesMapper();
/**
* @deprecated Use with-args constructor
*/
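Review bot: `authoritiesMapper` is initialised inline and no setter for it appears in any of these hunks, so declaring it `private final GrantedAuthoritiesMapper authoritiesMapper = new NullAuthoritiesMapper();` would make it explicit that the mapper is fixed for the lifetime of the service. If a setter exists elsewhere in the class, keep the field mutable but add a one-line comment naming who is expected to configure it, since the rest of the class reads it without a null check.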
@@ -31,14 +35,12 @@ public SlippTokenBasedRememberMeServices(String key, UserDetailsService userDeta
super(key, userDetailsService);
}
- //~ Methods ========================================================================================================
-
@Override
protected UserDetails processAutoLoginCookie(String[] cookieTokens, HttpServletRequest request,
HttpServletResponse response) {
if (cookieTokens.length != 4) {
- throw new InvalidCookieException("Cookie token did not contain 3" +
+ throw new InvalidCookieException("Cookie token did not contain 4" +
" tokens, but contained '" + Arrays.asList(cookieTokens) + "'");
}
@@ -67,8 +69,7 @@ protected UserDetails processAutoLoginCookie(String[] cookieTokens, HttpServletR
// If efficiency was a major issue, just add in a UserCache implementation,
// but recall that this method is usually only called once per HttpSession - if the token is valid,
// it will cause SecurityContextHolder population, whilst if invalid, will cause the cookie to be cancelled.
- String expectedTokenSignature = makeTokenSignature(tokenExpiryTime, userDetails.getUsername(),
- userDetails.getPassword(), userDetails.getProviderType());
+ String expectedTokenSignature = makeTokenSignature(tokenExpiryTime, userDetails.getUsername(), userDetails.getPassword());
if (!equals(expectedTokenSignature,cookieTokens[2])) {
throw new InvalidCookieException("Cookie token[2] contained signature '" + cookieTokens[2]
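Review bot: The new `makeTokenSignature(tokenExpiryTime, userDetails.getUsername(), userDetails.getPassword())` call no longer covers the provider type, while the `onLoginSuccess` hunk now writes that provider as an unsigned fourth cookie token and `getSlippUserDetails(providerType, ...)` uses it to select the user record. A cookie whose fourth token has been altered is therefore rejected only if the resulting lookup yields a different password than the one the signature was computed over, which cannot be confirmed from the visible code; the `makeTokenSignature` definition hunk has the same gap. Every value that influences which account the cookie resolves to should be under the signature, so consider keeping the provider in the signed `data` (appending `":" + provider.name()` as the old code did) and passing it from both call sites, or documenting in the `makeTokenSignature` Javadoc why the provider is deliberately excluded. `processAutoLoginCookie` begins and continues outside this hunk, so where `providerType` is parsed for the lookup is not visible here.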
@@ -77,6 +78,14 @@ protected UserDetails processAutoLoginCookie(String[] cookieTokens, HttpServletR
return userDetails;
}
+
+ protected Authentication createSuccessfulAuthentication(HttpServletRequest request, UserDetails user) {
+ RememberMeAuthenticationToken auth = new RememberMeAuthenticationToken(getKey(), user,
+ authoritiesMapper.mapAuthorities(user.getAuthorities()));
+ SlippUser slippUser = (SlippUser)user;
+ auth.setDetails(slippUser.getProviderType());
+ return auth;
+ }
private SlippUser getSlippUserDetails(ProviderType providerType, String firstCookieToken) {
if (providerType == ProviderType.slipp) {
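Review bot: `createSuccessfulAuthentication` overrides the `AbstractRememberMeServices` hook but carries no `@Override`, unlike `processAutoLoginCookie` just above it, so a signature change in the superclass would silently leave it as an unused method. The unchecked `(SlippUser)user` cast would surface as a `ClassCastException` instead of the `InvalidCookieException` the rest of the flow raises; `getSlippUserDetails` appears to always return a `SlippUser`, so a guard is cheap: `if (!(user instanceof SlippUser)) { throw new InvalidCookieException("Remember-me user is not a SlippUser"); }`. A short Javadoc noting that the token's details are set to the user's `ProviderType` would also help, since anything reading `getDetails()` downstream must know to expect that type. `getSlippUserDetails` starts in this hunk and continues outside it.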
@@ -91,8 +100,8 @@ private SlippUser getSlippUserDetails(ProviderType providerType, String firstCoo
* Calculates the digital signature to be put in the cookie. Default value is
* MD5 ("username:tokenExpiryTime:password:key")
*/
- protected String makeTokenSignature(long tokenExpiryTime, String username, String password, ProviderType provider) {
- String data = username + ":" + tokenExpiryTime + ":" + password + ":" + getKey() + ":" + provider.name();
+ protected String makeTokenSignature(long tokenExpiryTime, String username, String password) {
+ String data = username + ":" + tokenExpiryTime + ":" + password + ":" + getKey();
MessageDigest digest;
try {
digest = MessageDigest.getInstance("MD5");
@@ -137,9 +146,9 @@ public void onLoginSuccess(HttpServletRequest request, HttpServletResponse respo
// SEC-949
expiryTime += 1000L* (tokenLifetime < 0 ? TWO_WEEKS_S : tokenLifetime);
- String signatureValue = makeTokenSignature(expiryTime, username, password, providerType);
+ String signatureValue = makeTokenSignature(expiryTime, username, password);
- setCookie(new String[] {username, Long.toString(expiryTime), signatureValue}, tokenLifetime, request, response);
+ setCookie(new String[] {username, Long.toString(expiryTime), signatureValue, providerType.name()}, tokenLifetime, request, response);
if (logger.isDebugEnabled()) {
logger.debug("Added remember-me cookie for user '" + username + "', expiry: '"
diff --git a/src/main/java/net/slipp/support/web/UserValidateInterceptor.java b/src/main/java/net/slipp/support/web/UserValidateInterceptor.java
deleted file mode 100644
index 830f607d..00000000
--- a/src/main/java/net/slipp/support/web/UserValidateInterceptor.java
+++ /dev/null
@@ -1,34 +0,0 @@
-package net.slipp.support.web;
-
-import javax.annotation.Resource;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import net.slipp.domain.user.SocialUser;
-import net.slipp.support.security.SessionService;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
-
-public class UserValidateInterceptor extends HandlerInterceptorAdapter {
- private static Logger log = LoggerFactory.getLogger(UserValidateInterceptor.class);
-
- @Resource (name = "sessionService")
- private SessionService sessionService;
-
- @Override
- public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
- log.debug("start user validate!");
- Object user = request.getAttribute(GlobalRequestAttributesInterceptor.DEFAULT_LOGIN_USER_REQUEST_KEY);
- if (user == null) {
- return super.preHandle(request, response, handler);
- }
-
- SocialUser socialUser = (SocialUser)user;
- if (socialUser.isGuest()) {
- return super.preHandle(request, response, handler);
- }
- return super.preHandle(request, response, handler);
- }
-}
diff --git a/webapp/WEB-INF/slipp-servlet.xml b/webapp/WEB-INF/slipp-servlet.xml
index dda979af..18a64abc 100644
--- a/webapp/WEB-INF/slipp-servlet.xml
+++ b/webapp/WEB-INF/slipp-servlet.xml
@@ -19,11 +19,6 @@
-
-
-
-
-