The web.xml has:
..
<session-config>
<session-timeout>1</session-timeout>
</session-config>
..
The jboss-web.xml looks like:
<jboss-web>
<security-domain flushOnSessionInvalidation="true">
java:/jaas/TatSecurityDomain
</security-domain>
</jboss-web>
when I wanted to access any page after 1 minute of the 1st login, I requested
to fill the login info. again.
but when I logged in again, my login module wasn't executed at all, jboss
authenticated me based on its cache!
did I miss any thing! or is there any thing wrong in above configs!
please advise!
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3872678#3872678
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3872678
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
