Thank you for your prompt reply. Can you point me to some docs/examples of how to configure security caching and implementing my own security cache policy for 3.0 (and maybe also 2.4)? I looked through JBossBook_304.pdf and nothing jumped out at me.
Thanks again,
David
--
Scott M Stark escribi�::
This is the expected behavior due to caching. If caching is enabled then
a given login module stack is not executed unless the cache credentials are
missing or expired. You need to implement your own cache policy that
returns no value when accessed in the context of the web app and returned
the authentication cache info outside of this context.
xxxxxxxxxxxxxxxxxxxxxxxx
Scott Stark
Chief Technology Officer
JBoss Group, LLC
xxxxxxxxxxxxxxxxxxxxxxxx
----- Original Message ----- From: "David Ward" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, December 24, 2002 9:06 AM
Subject: [JBoss-user] LoginModule methods not always being called on login
Hello, all - we've got an issue where interface methods of our custom login module are not being called after a first successful login. Our guess is somewhere in the security info caching. We see it in both JBoss-2.4.7_Tomcat-3.2.3 and jboss-3.0.3_tomcat-4.1.12 on W2K, Linux, Solaris, using JDK 1.3.1 and JDK 1.4.1. We are using form-based authentication, per J2EE spec.
...Has anyone else seen this? Is there a way to configure jboss to always call all methods on the custom LoginModule during a login, but cache authentication/roles during other use of the system?
Thanks,
David
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
