I'm using Tomcat User Database Realm authentication with a Struts application. It all works fine *but* I would like to give my users the ability to change their password. The problem is that once the password is changed in my RDBMS, Tomcat keeps the old password in memory until restarted. So the unlucky user who has changed the password gets prevented from logging in again.
Hi Fabio,
I don't think that is quite correct. As far as the docs go, the info is kept for the duration of the session. So you have to invalidate the user's session and force them to log in again.
Adam
-- struts 1.1 + tomcat 5.0.12 + java 1.4.2 Linux 2.4.20 RH9
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
