try this in your <jboss_home>/server/conf/jboss-service.xml try to modify cache params
<mbean code="org.jboss.security.plugins.JaasSecurityManagerService" | name="jboss.security:service=JaasSecurityManager"> | <!-- A flag which indicates whether the SecurityAssociation server mode | is set on service creation. This is true by default since the | SecurityAssociation should be thread local for multi-threaded server | operation. | --> | <attribute name="ServerMode">true</attribute> | <attribute name="SecurityManagerClassName">org.jboss.security.plugins.JaasSecurityManager</attribute> | <attribute name="DefaultUnauthenticatedPrincipal">anonymous</attribute> | <!-- DefaultCacheTimeout: Specifies the default timed cache policy timeout | in seconds. | If you want to disable caching of security credentials, set this to 0 to | force authentication to occur every time. This has no affect if the | AuthenticationCacheJndiName has been changed from the default value. | --> | <attribute name="DefaultCacheTimeout">0</attribute> | <!-- DefaultCacheResolution: Specifies the default timed cache policy | resolution in seconds. This controls the interval at which the cache | current timestamp is updated and should be less than the DefaultCacheTimeout | in order for the timeout to be meaningful. This has no affect if the | AuthenticationCacheJndiName has been changed from the default value. | --> | <!-- <attribute name="DefaultCacheResolution">60</attribute> --> | </mbean> Also in your jboss-web.xml define flushOnSessionInvalidation="true" <jboss-web> | <security-domain flushOnSessionInvalidation="true" >java:jaas/eluminate</security-domain> | </jboss-web> | Let me know if it works Thanks Nipun View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4022662#4022662 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4022662 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user