OK, here is something that hasn't really been made clear on any posts I have read in
this forum. If you want to use Tomcat with the clientloginmodule on the client side
and want the server side to log you in using a databaseservermodule you have to
perform the jaas client login and logout every time you send a request for a page.
If you do not do this it will lead to unpredictable results. The JBoss login module
ClientLoginModule has an optional parameter for multi-threaded behaviour. If this
parameter is set to false, the login will be global, meaning that the same user
credentials will be associated with any request. This can for example lead to all
users sharing the identity of the user who last logged in. When set to true, user
credentials will be associated with a particular thread, leading to a user not being
logged in or unexpectedly changing identify.
View the original post :
http://www.jboss.org/index.html?module=bbop=viewtopicp=3831427#3831427
Reply to the post :
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3831427
---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
