Opencast uses a harded coded remember-me cookie. The remember-me cookie is created by hashing the username, password, and an additional system key, allowing anyone with an access to the remember-me token for one server to compromise all servers using the same credentials.