R: Realm authentication & password change
Thanks Adam, I was deriving from the wrong class (MemoryDatabase). I have just tried to extended JDBCRealm instead (in order to use stored procedures instead of the default queries) and everything looks to work fine (I'm still testing). Thanks again, Fabio. > -Messaggio originale- > Da: Adam Hardy [mailto:[EMAIL PROTECTED] > Inviato: lunedì 17 novembre 2003 13:45 > A: Struts Users Mailing List > Oggetto: Re: Realm authentication & password change > > > On 11/17/2003 12:43 PM Grassi Fabio wrote: > > I'm using Tomcat User Database Realm authentication with a Struts > > application. It all works fine *but* I would like to give > my users the > > ability to change their password. The problem is that once > the password > > is changed in my RDBMS, Tomcat keeps the old password in > memory until > > restarted. So the unlucky user who has changed the password gets > > prevented from logging in again. > > Hi Fabio, > I don't think that is quite correct. As far as the docs go, > the info is > kept for the duration of the session. So you have to invalidate the > user's session and force them to log in again. > > Adam > > -- > struts 1.1 + tomcat 5.0.12 + java 1.4.2 > Linux 2.4.20 RH9 > > Ai sensi della Legge 675/96, si precisa che le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Qualora il messaggio in parola Le fosse pervenuto per errore, la preghiamo di eliminarlo senza copiarlo e di non inoltrarlo a terzi, dandocene gentilmente comunicazione. Grazie.This message, for the law 675/96 may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation.
Re: Realm authentication & password change
On 11/17/2003 12:43 PM Grassi Fabio wrote: I'm using Tomcat User Database Realm authentication with a Struts application. It all works fine *but* I would like to give my users the ability to change their password. The problem is that once the password is changed in my RDBMS, Tomcat keeps the old password in memory until restarted. So the unlucky user who has changed the password gets prevented from logging in again. Hi Fabio, I don't think that is quite correct. As far as the docs go, the info is kept for the duration of the session. So you have to invalidate the user's session and force them to log in again. Adam -- struts 1.1 + tomcat 5.0.12 + java 1.4.2 Linux 2.4.20 RH9 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Realm authentication & password change
I'm using Tomcat User Database Realm authentication with a Struts application. It all works fine *but* I would like to give my users the ability to change their password. The problem is that once the password is changed in my RDBMS, Tomcat keeps the old password in memory until restarted. So the unlucky user who has changed the password gets prevented from logging in again. Does anybody have a similar problem? I'm I doping something wrong? Any hint would be greately appreciated. Thanks in advance, Fabio. Ai sensi della Legge 675/96, si precisa che le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Qualora il messaggio in parola Le fosse pervenuto per errore, la preghiamo di eliminarlo senza copiarlo e di non inoltrarlo a terzi, dandocene gentilmente comunicazione. Grazie.This message, for the law 675/96 may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation.