"Schouten, Andreas" wrote:
>
> Hello,
>
> today I upgradet from 2.4.0.23 to 2.4.0 (file JBoss-2.4.0_Tomcat-3.2.3.zip).
>
> We use integated tomcat and jaas security.
> The first login is successful also calling a stateless session bean is
> successful. But when a second instance of this bean is created a security
> exception occur. The username seams to be lost.
>
> (The same ear works under 2.4.0.23)
>
This sounds very similar to the problem I posted to the security forum
yesterday. I get exactly the same exception, but in my case it isn't
losing the username - it throws the exception before the login occurs
and before the principal has been set. As soon as the user attempts to
access a web URL which has a security contraint applied, the exception
occurs and then the login goes ahead. Thereafter everything proceeds as
normal - I can make as many requests as I want without any further
problems ...
Luke.
> [Default] Found StatelessSessionHome // after lookup the home interface
> [Default] javax.security.auth.login.FailedLoginException: No matching
> username found in Principals
> [Default] at
> org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(Datab
> aseServerLoginModule.java
> :96)
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-development
