Just curious - by "next release" do you mean 3.0.7 or when 3.2 goes final?
Also, we tried implementing our own CachePolicy, but had trouble since it didn't seem like the CachePolicy interface had all the information it needed to know to make the decision to clear a particular user, and when. Anyway, if there's going to be a jboss-3.0.7_tomcat-4.1.18 soon that includes the new JaasSecurityManager method, I'm happy enough to wait for that.
Thanks again,
David
--
Scott M Stark escribió::
I'll add this ability in the next release. To do it today implement your own CachePolicy.xxxxxxxxxxxxxxxxxxxxxxxx Scott Stark Chief Technology Officer JBoss Group, LLC xxxxxxxxxxxxxxxxxxxxxxxx ----- Original Message ----- From: "David Ward" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, January 29, 2003 7:32 AM Subject: Re: [JBoss-user] help clearing a single user from authentication cache I just upgraded from jboss-3.0.4_tomcat-4.1.12 to jboss-3.0.6_tomcat-4.1.18. I noticed a LOT more methods in the JaasSecurityManagerService. The methods are now: getPrincipal() registerSecurityDomain() isValid() start() create() doesUserHaveRole() getAuthenticationCachePrincipals() stop() getUserRoles() flushAuthenticationCache() destroy() Oh, how I wish there was a removeAuthenticationCachePrincipal() that took a String username or Principal! Should I submit an RFE at sourceforge, or can I beg the powers-that-be (Scott?) to add it to a 3.0.7? Or maybe there's a way to accomplish what I want in 3.0.6 that I don't know about? Thanks, David -- Meyer-Willner, Bernhard escribió::Very interesting! I would like to do the same. I'm already using the method java.util.List getAuthenticationCachePrincipals() which I believe is available only since 3.0.5 to get a List of the principals currently in the authentication cache. I looked up the JaasSecurityManager directly from the MBeanServer since also my lookup of java:/timedCacheFactory failed. I don't see a method to evict a single user from the cache, just all by calling flushAuthenticationCache. Is there a method like this? Besides...something else...would it be possible to show the meanings of the parameters of MBean operations in JMX Console. Sometimes it's kind of hard to guess what they mean and it's kind of cumbersome to look it up in the Javadocs. Thanks, Bernhard -----Ursprüngliche Nachricht----- Von: David Ward [mailto:[EMAIL PROTECTED]] Gesendet: Dienstag, 28. Januar 2003 21:12 An: [EMAIL PROTECTED] Betreff: [JBoss-user] help clearing a single user from authentication cache Using JDK 1.4.1_01, jboss-3.0.4_tomca-tomcat-4.1.2 on Linux. I'm trying to clear from the authentication cache JUST a single user. Invoking flushAuthenticationCache(String) on the mbean works fine, but it flushes *all* users' security infos. I want to call the CachePolicy's remove(Principal) method, so I tried looking up the CachePolicy in JNDI and calling it. Though I found a TimedCachePolicy in jndi under java:/timedCacheFactory/docs (docs is our app's security name), and called the remove(Principal) method successfully, it doesn't seem to do anything. Then, I tried extending JaasSecurityManagerService, configuring the use of my class in jboss-service.xml. I see it in the JMX-Console, but for some reason my added method isn't showing up there (under list mbean operations), and I don't know how to register an MBean interface to expose it. Please help. Again, my end goal is to flush the authentication cache for just a single user. Unfortunately, there's not a public, exposed method in the JaasSecurityManagerService that does this. Also, below is some output from the jmx console JNDIView. - What's up with the "Failed to lookup: timedCacheFactory?" - When I looked up the timedCacheFactory, it's actually a $Proxy class (EJB?) - java:jaas/docs says it's a SecurityDomainContext below, but when I look it up in code, I get a ClassCastException saying it's *really* a JaasSecurityManager! Why the descrepency? If it *was* actually a SecurityDomainContext, I could call sdc.getAuthenticationCache().remove(new SimplePrincipal("username"))! Thanks again, David java: Namespace +- DefaultDS (class: org.jboss.resource.adapter.jdbc.local.LocalDataSource) +- XAConnectionFactory (class: org.jboss.mq.SpyXAConnectionFactory) +- SecurityProxyFactory (class: org.jboss.security.SubjectSecurityProxyFactory) +- DefaultJMSProvider (class: org.jboss.jms.jndi.JBossMQProvider) +- CounterService (class: org.jboss.varia.counter.CounterService) +- comp (class: javax.naming.Context) +- JmsXA (class: org.jboss.resource.adapter.jms.JmsConnectionFactoryImpl) +- ConnectionFactory (class: org.jboss.mq.SpyConnectionFactory) +- jaas (class: javax.naming.Context) | +- JmsXARealm (class: org.jboss.security.plugins.SecurityDomainContext) | +- jbossmq (class: org.jboss.security.plugins.SecurityDomainContext) | +- docs (class: org.jboss.security.plugins.SecurityDomainContext) +- timedCacheFactory (class: javax.naming.Context) Failed to lookup: timedCacheFactory, errmsg=null +- TransactionPropagationContextExporter (class: org.jboss.tm.TransactionPropagationContextFactory) +- Mail (class: javax.mail.Session) +- StdJMSPool (class: org.jboss.jms.asf.StdServerSessionPoolFactory) +- TransactionPropagationContextImporter (class: org.jboss.tm.TransactionPropagationContextImporter) +- DocsDS (class: org.jboss.resource.adapter.jdbc.local.LocalDataSource) +- TransactionManager (class: org.jboss.tm.TxManager)
------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
