[
http://issues.apache.org/jira/browse/GERONIMO-677?page=comments#action_12317030
]
David Jencks commented on GERONIMO-677:
---
Login modules were indeed being reused. I think it is fixed in M4:
Sending
[
http://issues.apache.org/jira/browse/GERONIMO-677?page=comments#action_12317033
]
David Jencks commented on GERONIMO-677:
---
applied to M5:
Sending
modules/security/src/java/org/apache/geronimo/security/jaas/JaasLoginModuleConfiguration.java
[
http://issues.apache.org/jira/browse/GERONIMO-677?page=comments#action_12317099
]
David Jencks commented on GERONIMO-677:
---
Added a simple test, refurbished MultipleLoginDomains test
M4:
Sending
[
http://issues.apache.org/jira/browse/GERONIMO-677?page=comments#action_12317015
]
Kevan Miller commented on GERONIMO-677:
---
The problem lies in org.apache.geronimo.security.realm.providers.SQLLoginModule
(that's why David wasn't able to reproduce
[
http://issues.apache.org/jira/browse/GERONIMO-677?page=comments#action_12315425
]
David Jencks commented on GERONIMO-677:
---
So far I haven't been able to reproduce this using the properties login module
and a simple jsp page that prints the
[
http://issues.apache.org/jira/browse/GERONIMO-677?page=comments#action_12315212
]
David Jencks commented on GERONIMO-677:
---
I'm not very clear on how sessions work, but I don't think invalidating a
session logs you out. Please let me know if I am
