Re: [JBoss-user] help clearing a single user from authentication cache
I'll add this ability in the next release. To do it today implement your own CachePolicy. Scott Stark Chief Technology Officer JBoss Group, LLC - Original Message - From: David Ward [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, January 29, 2003 7:32 AM Subject: Re: [JBoss-user] help clearing a single user from authentication cache I just upgraded from jboss-3.0.4_tomcat-4.1.12 to jboss-3.0.6_tomcat-4.1.18. I noticed a LOT more methods in the JaasSecurityManagerService. The methods are now: getPrincipal() registerSecurityDomain() isValid() start() create() doesUserHaveRole() getAuthenticationCachePrincipals() stop() getUserRoles() flushAuthenticationCache() destroy() Oh, how I wish there was a removeAuthenticationCachePrincipal() that took a String username or Principal! Should I submit an RFE at sourceforge, or can I beg the powers-that-be (Scott?) to add it to a 3.0.7? Or maybe there's a way to accomplish what I want in 3.0.6 that I don't know about? Thanks, David -- Meyer-Willner, Bernhard escribió:: Very interesting! I would like to do the same. I'm already using the method java.util.List getAuthenticationCachePrincipals() which I believe is available only since 3.0.5 to get a List of the principals currently in the authentication cache. I looked up the JaasSecurityManager directly from the MBeanServer since also my lookup of java:/timedCacheFactory failed. I don't see a method to evict a single user from the cache, just all by calling flushAuthenticationCache. Is there a method like this? Besides...something else...would it be possible to show the meanings of the parameters of MBean operations in JMX Console. Sometimes it's kind of hard to guess what they mean and it's kind of cumbersome to look it up in the Javadocs. Thanks, Bernhard -Ursprüngliche Nachricht- Von: David Ward [mailto:[EMAIL PROTECTED]] Gesendet: Dienstag, 28. Januar 2003 21:12 An: [EMAIL PROTECTED] Betreff: [JBoss-user] help clearing a single user from authentication cache Using JDK 1.4.1_01, jboss-3.0.4_tomca-tomcat-4.1.2 on Linux. I'm trying to clear from the authentication cache JUST a single user. Invoking flushAuthenticationCache(String) on the mbean works fine, but it flushes *all* users' security infos. I want to call the CachePolicy's remove(Principal) method, so I tried looking up the CachePolicy in JNDI and calling it. Though I found a TimedCachePolicy in jndi under java:/timedCacheFactory/docs (docs is our app's security name), and called the remove(Principal) method successfully, it doesn't seem to do anything. Then, I tried extending JaasSecurityManagerService, configuring the use of my class in jboss-service.xml. I see it in the JMX-Console, but for some reason my added method isn't showing up there (under list mbean operations), and I don't know how to register an MBean interface to expose it. Please help. Again, my end goal is to flush the authentication cache for just a single user. Unfortunately, there's not a public, exposed method in the JaasSecurityManagerService that does this. Also, below is some output from the jmx console JNDIView. - What's up with the Failed to lookup: timedCacheFactory? - When I looked up the timedCacheFactory, it's actually a $Proxy class (EJB?) - java:jaas/docs says it's a SecurityDomainContext below, but when I look it up in code, I get a ClassCastException saying it's *really* a JaasSecurityManager! Why the descrepency? If it *was* actually a SecurityDomainContext, I could call sdc.getAuthenticationCache().remove(new SimplePrincipal(username))! Thanks again, David java: Namespace +- DefaultDS (class: org.jboss.resource.adapter.jdbc.local.LocalDataSource) +- XAConnectionFactory (class: org.jboss.mq.SpyXAConnectionFactory) +- SecurityProxyFactory (class: org.jboss.security.SubjectSecurityProxyFactory) +- DefaultJMSProvider (class: org.jboss.jms.jndi.JBossMQProvider) +- CounterService (class: org.jboss.varia.counter.CounterService) +- comp (class: javax.naming.Context) +- JmsXA (class: org.jboss.resource.adapter.jms.JmsConnectionFactoryImpl) +- ConnectionFactory (class: org.jboss.mq.SpyConnectionFactory) +- jaas (class: javax.naming.Context) | +- JmsXARealm (class: org.jboss.security.plugins.SecurityDomainContext) | +- jbossmq (class: org.jboss.security.plugins.SecurityDomainContext) | +- docs (class: org.jboss.security.plugins.SecurityDomainContext) +- timedCacheFactory (class: javax.naming.Context) Failed to lookup: timedCacheFactory, errmsg=null +- TransactionPropagationContextExporter (class: org.jboss.tm.TransactionPropagationContextFactory) +- Mail (class: javax.mail.Session) +- StdJMSPool (class: org.jboss.jms.asf.StdServerSessionPoolFactory) +- TransactionPropagationContextImporter (class: org.jboss.tm.TransactionPropagationContextImporter
Re: [JBoss-user] help clearing a single user from authentication cache
Thanks, Scott. I noticed you assigned yourself to the RFE I submitted for this. Just curious - by next release do you mean 3.0.7 or when 3.2 goes final? Also, we tried implementing our own CachePolicy, but had trouble since it didn't seem like the CachePolicy interface had all the information it needed to know to make the decision to clear a particular user, and when. Anyway, if there's going to be a jboss-3.0.7_tomcat-4.1.18 soon that includes the new JaasSecurityManager method, I'm happy enough to wait for that. Thanks again, David -- Scott M Stark escribió:: I'll add this ability in the next release. To do it today implement your own CachePolicy. Scott Stark Chief Technology Officer JBoss Group, LLC - Original Message - From: David Ward [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, January 29, 2003 7:32 AM Subject: Re: [JBoss-user] help clearing a single user from authentication cache I just upgraded from jboss-3.0.4_tomcat-4.1.12 to jboss-3.0.6_tomcat-4.1.18. I noticed a LOT more methods in the JaasSecurityManagerService. The methods are now: getPrincipal() registerSecurityDomain() isValid() start() create() doesUserHaveRole() getAuthenticationCachePrincipals() stop() getUserRoles() flushAuthenticationCache() destroy() Oh, how I wish there was a removeAuthenticationCachePrincipal() that took a String username or Principal! Should I submit an RFE at sourceforge, or can I beg the powers-that-be (Scott?) to add it to a 3.0.7? Or maybe there's a way to accomplish what I want in 3.0.6 that I don't know about? Thanks, David -- Meyer-Willner, Bernhard escribió:: Very interesting! I would like to do the same. I'm already using the method java.util.List getAuthenticationCachePrincipals() which I believe is available only since 3.0.5 to get a List of the principals currently in the authentication cache. I looked up the JaasSecurityManager directly from the MBeanServer since also my lookup of java:/timedCacheFactory failed. I don't see a method to evict a single user from the cache, just all by calling flushAuthenticationCache. Is there a method like this? Besides...something else...would it be possible to show the meanings of the parameters of MBean operations in JMX Console. Sometimes it's kind of hard to guess what they mean and it's kind of cumbersome to look it up in the Javadocs. Thanks, Bernhard -Ursprüngliche Nachricht- Von: David Ward [mailto:[EMAIL PROTECTED]] Gesendet: Dienstag, 28. Januar 2003 21:12 An: [EMAIL PROTECTED] Betreff: [JBoss-user] help clearing a single user from authentication cache Using JDK 1.4.1_01, jboss-3.0.4_tomca-tomcat-4.1.2 on Linux. I'm trying to clear from the authentication cache JUST a single user. Invoking flushAuthenticationCache(String) on the mbean works fine, but it flushes *all* users' security infos. I want to call the CachePolicy's remove(Principal) method, so I tried looking up the CachePolicy in JNDI and calling it. Though I found a TimedCachePolicy in jndi under java:/timedCacheFactory/docs (docs is our app's security name), and called the remove(Principal) method successfully, it doesn't seem to do anything. Then, I tried extending JaasSecurityManagerService, configuring the use of my class in jboss-service.xml. I see it in the JMX-Console, but for some reason my added method isn't showing up there (under list mbean operations), and I don't know how to register an MBean interface to expose it. Please help. Again, my end goal is to flush the authentication cache for just a single user. Unfortunately, there's not a public, exposed method in the JaasSecurityManagerService that does this. Also, below is some output from the jmx console JNDIView. - What's up with the Failed to lookup: timedCacheFactory? - When I looked up the timedCacheFactory, it's actually a $Proxy class (EJB?) - java:jaas/docs says it's a SecurityDomainContext below, but when I look it up in code, I get a ClassCastException saying it's *really* a JaasSecurityManager! Why the descrepency? If it *was* actually a SecurityDomainContext, I could call sdc.getAuthenticationCache().remove(new SimplePrincipal(username))! Thanks again, David java: Namespace +- DefaultDS (class: org.jboss.resource.adapter.jdbc.local.LocalDataSource) +- XAConnectionFactory (class: org.jboss.mq.SpyXAConnectionFactory) +- SecurityProxyFactory (class: org.jboss.security.SubjectSecurityProxyFactory) +- DefaultJMSProvider (class: org.jboss.jms.jndi.JBossMQProvider) +- CounterService (class: org.jboss.varia.counter.CounterService) +- comp (class: javax.naming.Context) +- JmsXA (class: org.jboss.resource.adapter.jms.JmsConnectionFactoryImpl) +- ConnectionFactory (class: org.jboss.mq.SpyConnectionFactory) +- jaas (class: javax.naming.Context) | +- JmsXARealm (class: org.jboss.security.plugins.SecurityDomainContext) | +- jbossmq (class: org.jboss.security.plugins.SecurityDomainContext
Re: [JBoss-user] help clearing a single user from authentication cache
I have added an RFE to SourceForge: https://sourceforge.net/tracker/index.php?func=detailaid=677614group_id=22866atid=376688 On a side note, does anyone know if Scott Stark is on vacation? I haven't noticed any emails from him on the list for a few days. Thanks again, David -- Meyer-Willner, Bernhard escribió:: RFE in sourceforge sounds good to me. The methods you mention have been there since 3.0.5. -Ursprüngliche Nachricht- Von: David Ward [mailto:[EMAIL PROTECTED]] Gesendet: Mittwoch, 29. Januar 2003 16:33 An: [EMAIL PROTECTED] Betreff: Re: [JBoss-user] help clearing a single user from authentication cache I just upgraded from jboss-3.0.4_tomcat-4.1.12 to jboss-3.0.6_tomcat-4.1.18. I noticed a LOT more methods in the JaasSecurityManagerService. The methods are now: getPrincipal() registerSecurityDomain() isValid() start() create() doesUserHaveRole() getAuthenticationCachePrincipals() stop() getUserRoles() flushAuthenticationCache() destroy() Oh, how I wish there was a removeAuthenticationCachePrincipal() that took a String username or Principal! Should I submit an RFE at sourceforge, or can I beg the powers-that-be (Scott?) to add it to a 3.0.7? Or maybe there's a way to accomplish what I want in 3.0.6 that I don't know about? Thanks, David -- Meyer-Willner, Bernhard escribió:: Very interesting! I would like to do the same. I'm already using the method java.util.List getAuthenticationCachePrincipals() which I believe is available only since 3.0.5 to get a List of the principals currently in the authentication cache. I looked up the JaasSecurityManager directly from the MBeanServer since also my lookup of java:/timedCacheFactory failed. I don't see a method to evict a single user from the cache, just all by calling flushAuthenticationCache. Is there a method like this? Besides...something else...would it be possible to show the meanings of the parameters of MBean operations in JMX Console. Sometimes it's kind of hard to guess what they mean and it's kind of cumbersome to look it up in the Javadocs. Thanks, Bernhard -Ursprüngliche Nachricht- Von: David Ward [mailto:[EMAIL PROTECTED]] Gesendet: Dienstag, 28. Januar 2003 21:12 An: [EMAIL PROTECTED] Betreff: [JBoss-user] help clearing a single user from authentication cache Using JDK 1.4.1_01, jboss-3.0.4_tomca-tomcat-4.1.2 on Linux. I'm trying to clear from the authentication cache JUST a single user. Invoking flushAuthenticationCache(String) on the mbean works fine, but it flushes *all* users' security infos. I want to call the CachePolicy's remove(Principal) method, so I tried looking up the CachePolicy in JNDI and calling it. Though I found a TimedCachePolicy in jndi under java:/timedCacheFactory/docs (docs is our app's security name), and called the remove(Principal) method successfully, it doesn't seem to do anything. Then, I tried extending JaasSecurityManagerService, configuring the use of my class in jboss-service.xml. I see it in the JMX-Console, but for some reason my added method isn't showing up there (under list mbean operations), and I don't know how to register an MBean interface to expose it. Please help. Again, my end goal is to flush the authentication cache for just a single user. Unfortunately, there's not a public, exposed method in the JaasSecurityManagerService that does this. Also, below is some output from the jmx console JNDIView. - What's up with the Failed to lookup: timedCacheFactory? - When I looked up the timedCacheFactory, it's actually a $Proxy class (EJB?) - java:jaas/docs says it's a SecurityDomainContext below, but when I look it up in code, I get a ClassCastException saying it's *really* a JaasSecurityManager! Why the descrepency? If it *was* actually a SecurityDomainContext, I could call sdc.getAuthenticationCache().remove(new SimplePrincipal(username))! Thanks again, David java: Namespace +- DefaultDS (class: org.jboss.resource.adapter.jdbc.local.LocalDataSource) +- XAConnectionFactory (class: org.jboss.mq.SpyXAConnectionFactory) +- SecurityProxyFactory (class: org.jboss.security.SubjectSecurityProxyFactory) +- DefaultJMSProvider (class: org.jboss.jms.jndi.JBossMQProvider) +- CounterService (class: org.jboss.varia.counter.CounterService) +- comp (class: javax.naming.Context) +- JmsXA (class: org.jboss.resource.adapter.jms.JmsConnectionFactoryImpl) +- ConnectionFactory (class: org.jboss.mq.SpyConnectionFactory) +- jaas (class: javax.naming.Context) | +- JmsXARealm (class: org.jboss.security.plugins.SecurityDomainContext) | +- jbossmq (class: org.jboss.security.plugins.SecurityDomainContext) | +- docs (class: org.jboss.security.plugins.SecurityDomainContext) +- timedCacheFactory (class: javax.naming.Context) Failed to lookup: timedCacheFactory, errmsg=null +- TransactionPropagationContextExporter (class: org.jboss.tm.TransactionPropagationContextFactory) +- Mail (class
Re: [JBoss-user] help clearing a single user from authentication cache
Very interesting! I would like to do the same. I'm already using the method java.util.List getAuthenticationCachePrincipals() which I believe is available only since 3.0.5 to get a List of the principals currently in the authentication cache. I looked up the JaasSecurityManager directly from the MBeanServer since also my lookup of java:/timedCacheFactory failed. I don't see a method to evict a single user from the cache, just all by calling flushAuthenticationCache. Is there a method like this? Besides...something else...would it be possible to show the meanings of the parameters of MBean operations in JMX Console. Sometimes it's kind of hard to guess what they mean and it's kind of cumbersome to look it up in the Javadocs. Thanks, Bernhard -Ursprüngliche Nachricht- Von: David Ward [mailto:[EMAIL PROTECTED]] Gesendet: Dienstag, 28. Januar 2003 21:12 An: [EMAIL PROTECTED] Betreff: [JBoss-user] help clearing a single user from authentication cache Using JDK 1.4.1_01, jboss-3.0.4_tomca-tomcat-4.1.2 on Linux. I'm trying to clear from the authentication cache JUST a single user. Invoking flushAuthenticationCache(String) on the mbean works fine, but it flushes *all* users' security infos. I want to call the CachePolicy's remove(Principal) method, so I tried looking up the CachePolicy in JNDI and calling it. Though I found a TimedCachePolicy in jndi under java:/timedCacheFactory/docs (docs is our app's security name), and called the remove(Principal) method successfully, it doesn't seem to do anything. Then, I tried extending JaasSecurityManagerService, configuring the use of my class in jboss-service.xml. I see it in the JMX-Console, but for some reason my added method isn't showing up there (under list mbean operations), and I don't know how to register an MBean interface to expose it. Please help. Again, my end goal is to flush the authentication cache for just a single user. Unfortunately, there's not a public, exposed method in the JaasSecurityManagerService that does this. Also, below is some output from the jmx console JNDIView. - What's up with the Failed to lookup: timedCacheFactory? - When I looked up the timedCacheFactory, it's actually a $Proxy class (EJB?) - java:jaas/docs says it's a SecurityDomainContext below, but when I look it up in code, I get a ClassCastException saying it's *really* a JaasSecurityManager! Why the descrepency? If it *was* actually a SecurityDomainContext, I could call sdc.getAuthenticationCache().remove(new SimplePrincipal(username))! Thanks again, David java: Namespace +- DefaultDS (class: org.jboss.resource.adapter.jdbc.local.LocalDataSource) +- XAConnectionFactory (class: org.jboss.mq.SpyXAConnectionFactory) +- SecurityProxyFactory (class: org.jboss.security.SubjectSecurityProxyFactory) +- DefaultJMSProvider (class: org.jboss.jms.jndi.JBossMQProvider) +- CounterService (class: org.jboss.varia.counter.CounterService) +- comp (class: javax.naming.Context) +- JmsXA (class: org.jboss.resource.adapter.jms.JmsConnectionFactoryImpl) +- ConnectionFactory (class: org.jboss.mq.SpyConnectionFactory) +- jaas (class: javax.naming.Context) | +- JmsXARealm (class: org.jboss.security.plugins.SecurityDomainContext) | +- jbossmq (class: org.jboss.security.plugins.SecurityDomainContext) | +- docs (class: org.jboss.security.plugins.SecurityDomainContext) +- timedCacheFactory (class: javax.naming.Context) Failed to lookup: timedCacheFactory, errmsg=null +- TransactionPropagationContextExporter (class: org.jboss.tm.TransactionPropagationContextFactory) +- Mail (class: javax.mail.Session) +- StdJMSPool (class: org.jboss.jms.asf.StdServerSessionPoolFactory) +- TransactionPropagationContextImporter (class: org.jboss.tm.TransactionPropagationContextImporter) +- DocsDS (class: org.jboss.resource.adapter.jdbc.local.LocalDataSource) +- TransactionManager (class: org.jboss.tm.TxManager) --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com ___ JBoss-user mailing list [EMAIL
Re: [JBoss-user] help clearing a single user from authentication cache
I just upgraded from jboss-3.0.4_tomcat-4.1.12 to jboss-3.0.6_tomcat-4.1.18. I noticed a LOT more methods in the JaasSecurityManagerService. The methods are now: getPrincipal() registerSecurityDomain() isValid() start() create() doesUserHaveRole() getAuthenticationCachePrincipals() stop() getUserRoles() flushAuthenticationCache() destroy() Oh, how I wish there was a removeAuthenticationCachePrincipal() that took a String username or Principal! Should I submit an RFE at sourceforge, or can I beg the powers-that-be (Scott?) to add it to a 3.0.7? Or maybe there's a way to accomplish what I want in 3.0.6 that I don't know about? Thanks, David -- Meyer-Willner, Bernhard escribió:: Very interesting! I would like to do the same. I'm already using the method java.util.List getAuthenticationCachePrincipals() which I believe is available only since 3.0.5 to get a List of the principals currently in the authentication cache. I looked up the JaasSecurityManager directly from the MBeanServer since also my lookup of java:/timedCacheFactory failed. I don't see a method to evict a single user from the cache, just all by calling flushAuthenticationCache. Is there a method like this? Besides...something else...would it be possible to show the meanings of the parameters of MBean operations in JMX Console. Sometimes it's kind of hard to guess what they mean and it's kind of cumbersome to look it up in the Javadocs. Thanks, Bernhard -Ursprüngliche Nachricht- Von: David Ward [mailto:[EMAIL PROTECTED]] Gesendet: Dienstag, 28. Januar 2003 21:12 An: [EMAIL PROTECTED] Betreff: [JBoss-user] help clearing a single user from authentication cache Using JDK 1.4.1_01, jboss-3.0.4_tomca-tomcat-4.1.2 on Linux. I'm trying to clear from the authentication cache JUST a single user. Invoking flushAuthenticationCache(String) on the mbean works fine, but it flushes *all* users' security infos. I want to call the CachePolicy's remove(Principal) method, so I tried looking up the CachePolicy in JNDI and calling it. Though I found a TimedCachePolicy in jndi under java:/timedCacheFactory/docs (docs is our app's security name), and called the remove(Principal) method successfully, it doesn't seem to do anything. Then, I tried extending JaasSecurityManagerService, configuring the use of my class in jboss-service.xml. I see it in the JMX-Console, but for some reason my added method isn't showing up there (under list mbean operations), and I don't know how to register an MBean interface to expose it. Please help. Again, my end goal is to flush the authentication cache for just a single user. Unfortunately, there's not a public, exposed method in the JaasSecurityManagerService that does this. Also, below is some output from the jmx console JNDIView. - What's up with the Failed to lookup: timedCacheFactory? - When I looked up the timedCacheFactory, it's actually a $Proxy class (EJB?) - java:jaas/docs says it's a SecurityDomainContext below, but when I look it up in code, I get a ClassCastException saying it's *really* a JaasSecurityManager! Why the descrepency? If it *was* actually a SecurityDomainContext, I could call sdc.getAuthenticationCache().remove(new SimplePrincipal(username))! Thanks again, David java: Namespace +- DefaultDS (class: org.jboss.resource.adapter.jdbc.local.LocalDataSource) +- XAConnectionFactory (class: org.jboss.mq.SpyXAConnectionFactory) +- SecurityProxyFactory (class: org.jboss.security.SubjectSecurityProxyFactory) +- DefaultJMSProvider (class: org.jboss.jms.jndi.JBossMQProvider) +- CounterService (class: org.jboss.varia.counter.CounterService) +- comp (class: javax.naming.Context) +- JmsXA (class: org.jboss.resource.adapter.jms.JmsConnectionFactoryImpl) +- ConnectionFactory (class: org.jboss.mq.SpyConnectionFactory) +- jaas (class: javax.naming.Context) | +- JmsXARealm (class: org.jboss.security.plugins.SecurityDomainContext) | +- jbossmq (class: org.jboss.security.plugins.SecurityDomainContext) | +- docs (class: org.jboss.security.plugins.SecurityDomainContext) +- timedCacheFactory (class: javax.naming.Context) Failed to lookup: timedCacheFactory, errmsg=null +- TransactionPropagationContextExporter (class: org.jboss.tm.TransactionPropagationContextFactory) +- Mail (class: javax.mail.Session) +- StdJMSPool (class: org.jboss.jms.asf.StdServerSessionPoolFactory) +- TransactionPropagationContextImporter (class: org.jboss.tm.TransactionPropagationContextImporter) +- DocsDS (class: org.jboss.resource.adapter.jdbc.local.LocalDataSource) +- TransactionManager (class: org.jboss.tm.TxManager) --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com ___ JBoss-user mailing list [EMAIL PROTECTED]
Re: [JBoss-user] help clearing a single user from authentication cache
RFE in sourceforge sounds good to me. The methods you mention have been there since 3.0.5. -Ursprüngliche Nachricht- Von: David Ward [mailto:[EMAIL PROTECTED]] Gesendet: Mittwoch, 29. Januar 2003 16:33 An: [EMAIL PROTECTED] Betreff: Re: [JBoss-user] help clearing a single user from authentication cache I just upgraded from jboss-3.0.4_tomcat-4.1.12 to jboss-3.0.6_tomcat-4.1.18. I noticed a LOT more methods in the JaasSecurityManagerService. The methods are now: getPrincipal() registerSecurityDomain() isValid() start() create() doesUserHaveRole() getAuthenticationCachePrincipals() stop() getUserRoles() flushAuthenticationCache() destroy() Oh, how I wish there was a removeAuthenticationCachePrincipal() that took a String username or Principal! Should I submit an RFE at sourceforge, or can I beg the powers-that-be (Scott?) to add it to a 3.0.7? Or maybe there's a way to accomplish what I want in 3.0.6 that I don't know about? Thanks, David -- Meyer-Willner, Bernhard escribió:: Very interesting! I would like to do the same. I'm already using the method java.util.List getAuthenticationCachePrincipals() which I believe is available only since 3.0.5 to get a List of the principals currently in the authentication cache. I looked up the JaasSecurityManager directly from the MBeanServer since also my lookup of java:/timedCacheFactory failed. I don't see a method to evict a single user from the cache, just all by calling flushAuthenticationCache. Is there a method like this? Besides...something else...would it be possible to show the meanings of the parameters of MBean operations in JMX Console. Sometimes it's kind of hard to guess what they mean and it's kind of cumbersome to look it up in the Javadocs. Thanks, Bernhard -Ursprüngliche Nachricht- Von: David Ward [mailto:[EMAIL PROTECTED]] Gesendet: Dienstag, 28. Januar 2003 21:12 An: [EMAIL PROTECTED] Betreff: [JBoss-user] help clearing a single user from authentication cache Using JDK 1.4.1_01, jboss-3.0.4_tomca-tomcat-4.1.2 on Linux. I'm trying to clear from the authentication cache JUST a single user. Invoking flushAuthenticationCache(String) on the mbean works fine, but it flushes *all* users' security infos. I want to call the CachePolicy's remove(Principal) method, so I tried looking up the CachePolicy in JNDI and calling it. Though I found a TimedCachePolicy in jndi under java:/timedCacheFactory/docs (docs is our app's security name), and called the remove(Principal) method successfully, it doesn't seem to do anything. Then, I tried extending JaasSecurityManagerService, configuring the use of my class in jboss-service.xml. I see it in the JMX-Console, but for some reason my added method isn't showing up there (under list mbean operations), and I don't know how to register an MBean interface to expose it. Please help. Again, my end goal is to flush the authentication cache for just a single user. Unfortunately, there's not a public, exposed method in the JaasSecurityManagerService that does this. Also, below is some output from the jmx console JNDIView. - What's up with the Failed to lookup: timedCacheFactory? - When I looked up the timedCacheFactory, it's actually a $Proxy class (EJB?) - java:jaas/docs says it's a SecurityDomainContext below, but when I look it up in code, I get a ClassCastException saying it's *really* a JaasSecurityManager! Why the descrepency? If it *was* actually a SecurityDomainContext, I could call sdc.getAuthenticationCache().remove(new SimplePrincipal(username))! Thanks again, David java: Namespace +- DefaultDS (class: org.jboss.resource.adapter.jdbc.local.LocalDataSource) +- XAConnectionFactory (class: org.jboss.mq.SpyXAConnectionFactory) +- SecurityProxyFactory (class: org.jboss.security.SubjectSecurityProxyFactory) +- DefaultJMSProvider (class: org.jboss.jms.jndi.JBossMQProvider) +- CounterService (class: org.jboss.varia.counter.CounterService) +- comp (class: javax.naming.Context) +- JmsXA (class: org.jboss.resource.adapter.jms.JmsConnectionFactoryImpl) +- ConnectionFactory (class: org.jboss.mq.SpyConnectionFactory) +- jaas (class: javax.naming.Context) | +- JmsXARealm (class: org.jboss.security.plugins.SecurityDomainContext) | +- jbossmq (class: org.jboss.security.plugins.SecurityDomainContext) | +- docs (class: org.jboss.security.plugins.SecurityDomainContext) +- timedCacheFactory (class: javax.naming.Context) Failed to lookup: timedCacheFactory, errmsg=null +- TransactionPropagationContextExporter (class: org.jboss.tm.TransactionPropagationContextFactory) +- Mail (class: javax.mail.Session) +- StdJMSPool (class: org.jboss.jms.asf.StdServerSessionPoolFactory) +- TransactionPropagationContextImporter (class: org.jboss.tm.TransactionPropagationContextImporter) +- DocsDS (class