I already explained where authentication data cache exists in JBoss/embeded
Tomcat and how it gets flushed. If you are seeing differenct results then
a)use jmx-console to view/manipulate the authentication cache to see what is
going on. b) check/post your security configurations to see that wh
In fact the session is being invalidated and the problem still persists.
Considering things you've said I think this is a JBossSX issue. Any ideas on
how to flush the databaseloginmodule data?
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3952658#3952658
Re
Well that's not the exact point - I don't have to check the user roles at
runtime or dynamically. The only thing is that (that's how I suppose it does
work) the DatabaseLoginModule assigns the roles at the point when the
application is started or at the first login not each time the login is
pe
There are two points where roles may be cached...
Tomcat caches the Principal and Roles of a user in the session. Thus,
inactivating a session removes that cache.
JBossSX has an authentication cache that exists for the length of time
specified by timeout option.
If your web security-domain i
See http://www.jboss.com/index.html?module=bb&op=viewtopic&t=47199 for similar
problem.
cgriffith
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3952013#3952013
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3952013
_