This has been discussed before and it is the JAAS ConfigFile that is not thread safe. Rather than synchronizing all logins which can be a bad thing if a login is expensive, the security mgr service will preload the ConfigFile in its startup. It is only the ConfigFile initialization that is not thread safe.
xxxxxxxxxxxxxxxxxxxxxxxx Scott Stark Chief Technology Officer JBoss Group, LLC xxxxxxxxxxxxxxxxxxxxxxxx ----- Original Message ----- From: "Holger Engels" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, February 22, 2002 9:34 AM Subject: [JBoss-dev] JaasSecurityManager is not thread safe > > The method > > defaultLogin(Principal principal, Object credential) > > in JaasSecurityManager instantiates a new LoginContext. The constructor of > LoginContext delegates to com.sun...ConfigFile. The method > getAppConfigurationEntry is not thread safe. > > StackTrace: _______________________________________________ Jboss-development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
