[JBoss-user] configure JAAS Security

2004-06-15 Thread Anjulatha Vellanki 
Hi ,
 
I am using JAAS Security Manager for my application. 
The loginModule used is DatabaseServerLoginModule.
 
The user, password information and user role information is stored in database.
 
In my application user's roles may get updated based on some actions.
 
The problem i am facing is:
 
when the user's roles change jboss is not reflecting that information in the sense that the
user is not able to access some resources which he should be able to access as his roles are changed now.
 
I understood that this is something related to cache. So i set some small value for the
DefaultCacheTimeout attribute of JassSecurityManager mbean in the jboss-service.xml file and it helped but is this the only method to tell jboss about when to refresh the cache to get the user credentials or is there any other method to set the cachetimeout. Because if i define small value for DefaultCachetimeout for JassSecurity Manager the load on the jboss is increasing as there are lot of other applications running.
 
 
Can somebody tell me how to set JAAS security manager using DataBaseServerLoginModule such that it always gets the correct user role mapping information from the database. 
 
 
Thanks
Anju
		Do you Yahoo!?Friends.  Fun. Try the all-new Yahoo! Messenger

[JBoss-user] questions in JBoss security

2004-02-12 Thread Anjulatha Vellanki 



I went through the online manual -> JBoss 2.4+ Documentation. I have questions in JBoss security. 
1. What is the difference between Client side login modules and Server side login modules?
Usually we will use Server side login module when working with web applications right. (To implement the behavior of the JaasSecurityManager)
Where do we use Client side login modules? Can somebody give me an example?
2. How are role groups defined? What is the use of them?
    In J2EE specs user groups were mentioned but nothing was mentioned about role groups.
If role groups can be used in JBoss how can they be specified in the deployment descriptors? Can somebody give me an example?
 
Thanks,
Anju
Do you Yahoo!?
Yahoo! Finance: Get your refund fast by filing online

[JBoss-user] significance of jars in JBOSS-HOME/lib directory

2004-02-11 Thread Anjulatha Vellanki 
Can somebody tell me the significance of jars in JBOSS-HOME/lib directory? 
 
when Jboss loads these jars?
where the classpath is specified?
are all the jars in this directory required by Jboss?
can i add new jars?
 
Thanks
Anju
 
 
 
Do you Yahoo!?
Yahoo! Finance: Get your refund fast by filing online