Wolfgang,
Thanks for your responses.
I think we kind of fixed it. Got the clue from the security FAQ # 3
(http://www.jboss.org/community/docs/DOC-12198)
Our code creates its own login-config.xml and that one was missing the
following from the ClientLoginModule
<!-- Any existing security context will be restored on logout -->
<module-option name="restore-login-identity">true</module-option>
After adding this to the file, the exception is not thrown anymore.
Would you be able to explain what exactly this option does or where can I find
more info on it.
I will also be reading a little more on JBoss 5.0.0 security.
Something that's interesting is that the custom login-config.xml file created
by our tool, works fine wirh JBoss 4.2.3 (without adding the above lines). Only
throws exception with JBoss 5.0.0.
Thanks
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4222469#4222469
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4222469
_______________________________________________
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user
