Hello folks, I'm using Jboss 4.0.2. I still have some problems with login modules. My login-config.xml follows:
<application-policy name = "CpRealm"> | <authentication> | <login-module code = "com.ciccio.pasticcio.CpLoginModule" flag = "required"> | <module-option name="hashAlgorithm">MD5</module-option> | <module-option name="hashEncoding">base64</module-option> | </login-module> | </authentication> | </application-policy> | The LogoutAction is invalidating the session in its execute() method: httpServletRequest.getSession().invalidate(); I'm logging the login() and logout() methods of com.ciccio.pasticcio.CpLoginModule and the result is summarized in the following use case: 1) I start Jboss 1.1) I start Iexplorer and login as userA: login() is called 1.2) logout as userA: execute() is called, logout() is NOT called 1.1) I login again as userA: login() is NOT called 1.2) I logout as userA: same as 1.2) 1.3) restart Iexplorer, login as userA: login() is NOT called 1.4) logout as userA, same as 1.2) 1.5) I login as userB: login() is called 1.6) logout as userB: same as 1.2) 2) Restart Jboss, NOT Iexplorer 1.1) login as userA: login() is called the rest is same as above I tried the following configuration: <application-policy name = "CpRealm"> | <authentication> | <login-module code = "com.ciccio.pasticcio.CpLoginModule" flag = "required"> | <module-option name="hashAlgorithm">MD5</module-option> | <module-option name="hashEncoding">base64</module-option> | </login-module> | <login-module code = "org.jboss.security.ClientLoginModule" flag = "required"> | <module-option name="multi-threaded">true</module-option> | <module-option name="password-stacking">useFirstPass</module-option> | </login-module> | </authentication> | </application-policy> | nothing changed. Can anyone explain me where I'm doing wrong, please? thanks View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3889526#3889526 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3889526 ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user