To investigate the functioning of the authentication cache I traced the networktraffic of the database port. The result is:
When calling flushAuthCache() there is no access to the database. Instead, the assigned authentication role is destroyed. Even the call isCallerInRole() is not a reason to re-read the security information stored in the database. The securtiy information only is read, i. e. running the SQL-statement stored in login-config.xml against the database, when the browser requests a resource by the next time. It seems that flushing the authentication cache only sets a flag signaling to re-read authentication information by the next time. Which call does really trigger the database access? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3834943#3834943 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3834943 ------------------------------------------------------- This SF.Net email is sponsored by: SourceForge.net Broadband Sign-up now for SourceForge Broadband and get the fastest 6.0/768 connection for only $19.95/mo for the first 3 months! http://ads.osdn.com/?ad_id=2562&alloc_id=6184&op=click _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
