Bugs item #610843, was opened at 2002-09-18 01:15 You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=376685&aid=610843&group_id=22866
Category: JBossSX Group: v3.0 Rabbit Hole Status: Open Resolution: None Priority: 5 Submitted By: Timo Warns (timow) Assigned to: Nobody/Anonymous (nobody) Summary: Caching of JaasSecurityManager.DomainInf Initial Comment: We had problems with JaasSecurityManager. Sometimes it returned wrong values for "isUserInRole". Here is what we believe causes the problem: JaasSecurityManager uses (as default) TimedCachePolicy.get(Object) as method to access cached JaasSecurityManager.DomainInfo entries. TimedCachePolicy.get(Object) checks whether entries have expired and tries to refresh them if this is the case. If refreshing fails, the entry will be removed and "null" will be returned. The problem is that DomainInfo is not able to refresh (refresh() just returns "false"). Thus if a DomainInfo is expired and JaasSecurityManager.doesUserHaveRole(...) is called, it will return "false", even if "true" would be correct. Sorry, if we misunderstood anything! ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=376685&aid=610843&group_id=22866 ------------------------------------------------------- This SF.NET email is sponsored by: AMD - Your access to the experts on Hammer Technology! Open Source & Linux Developers, register now for the AMD Developer Symposium. Code: EX8664 http://www.developwithamd.com/developerlab _______________________________________________ Jboss-development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development