My application uses a custom built LoginModule giving rights for users to stateful EJB's protected by security-roles. This works fine, but I would like to establish a HttpSessionBindingListener that does some cleanup/remove on the users EJB's on http session timeout. This obviously has to be done in the same security context as the original - and now disappeared - user. I tried several different approaches without success. Does anybody have an idea?
regards/Peter View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3883845#3883845 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3883845 ------------------------------------------------------- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
