RE: [JBoss-user] JaasSecurityManagerSercvice flushing credentials

Fri, 28 Feb 2003 07:10:24 -0800 

Hi!
        The problem is that authentication isn't running again.
        After I update my password, the user looses all its roles. If I try to
execute any method on EJBs, I get an
error. I have also inserted a printf before and after executing the code to
flush credentials:

This code is executed from a Servlet:
if(request.isUserInRole("XPTO")) {
System.out.println("USER IS IN ROLE XPTO");
} else {
System.out.println("USER IS NOOOTTTT IN ROLE XPTO");
}

Before I update credentials, the isUserInRole returns "true". After
executing the updatePasswd which flushes credentials, the isUserInRole call
returns "false"

        Acording to you, the call after flishing credentials should also return
true, right?

        I am using JBoss3.0.4 with bundled Tomcat 4.0.6. Can this be the problem?

        Thanks again,
                Victor Batista







Hi,

That is right, but you should not think about that , beacause with next
access on each method on server,
the authentication will run again, and therefore the user will have all
new changes.


-----Ursprüngliche Nachricht-----
Von: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Im Auftrag von Victor
Batista
Gesendet: Freitag, 28. Februar 2003 11:33
An: [EMAIL PROTECTED]
Betreff: RE: [JBoss-user] JaasSecurityManagerSercvice flushing
credentials


Hi!
        Thanks for your reply!
        I think that, even with the method you refer, I'll continue
having the problem. Suppose I am user xpto, and I have somewhere in the
application (web in my case), the opportunity to change my password. In
this case I should flush my credentials, being them dropped from memory!
        If credentials are dropped from memory (after being flushed),
the user which is logged looses all its credentials?
        Is the behavior I am getting normal?

        Thanks,
                Victor Batista

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of David Ward
Sent: quinta-feira, 27 de Fevereiro de 2003 20:32
To: [EMAIL PROTECTED]
Subject: Re: [JBoss-user] JaasSecurityManagerSercvice flushing
credentials


I have submitted this RFE that will allow flusing of just a single
user's credentials:
http://sourceforge.net/tracker/index.php?func=detail&aid=677614&group_id
=228
66&atid=376688

Hers is the original email thread:
http://www.mail-archive.com/jboss-user%40lists.sourceforge.net/msg25514.
html

Scott Stark has picked it (the RFE) up and has said he would try to get
it in the next version.  I am hoping that means JBoss 3.0.7, not just
the final 3.2 release.

David

--

Victor Batista escribió::
> Hello!
>       I am having problems after flushing the authentication cache at
> runtime.
I
> am using the code which is at the bottom of the email. The flush is
> done correctly, although, the user which executes this code looses all

> its permissions after this. According to the documentation this code
> drops all cached credentials and flushes them to the specified
> DataSource. How can I avoid to have the credentials being dropped from

> memory, or how can I
reload
> them.
>       I am using this code only when I update User's data (Roles
and/or
> Password).
>
>       Any help would be welcome.
>       Thanks in advance,
>               Victor Batista
>
>
>       java.util.ArrayList servers =
>               MBeanServerFactory.findMBeanServer(null);
>         if (servers.size() != 1)
>             throw new EJBException("Not exactly one server found");
>         MBeanServer mbeanServer = (MBeanServer) servers.get(0);
>         String[] params = { "DCSapdbDB" };
>         String[] signature = { "java.lang.String" };
>         try {
>             ObjectName name =
>                 new ObjectName(
>                     "jboss.security",
>                     "service",
>                     "JaasSecurityManager");
>             mbeanServer.invoke(
>                 name,
>                 "flushAuthenticationCache",
>                 params,
>                 signature);
>
>         } catch (Exception e) {
>             e.printStackTrace();
>             throw new EJBException(e);
>         }
>
>
>



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf _______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf _______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to