JBoss holds onto the cache of users and roles. So if you changed a users
role, they would not be able to see it for 1/2 an hour.
I subclassed UserManagerImpl, and created a version specific to JBoss, then
I changed UserManagerImpl to use a stub method called flushAuthCache.
UserManagerJBossSpecific invalidates the user cache using JMX (code below).
JBoss is pretty cool!
Since I am using Spring. I did not have to change any other code in the
system. Just one configuration file!
Spring change:
<bean id="userManager"
class="org.appfuse.webapp.service.UserManagerJBossSpecific">
<property name="userDAO"><ref local="userDAO"/></property>
</bean>
I love IOC. I only have one class in the system that is JBoss specific and,
you can change it... to not be specific by doing this...
<bean id="userManager" class="org.appfuse.webapp.service.UserManagerImpl">
<property name="userDAO"><ref local="userDAO"/></property>
</bean>
Spring is an IOC/AOP container.
--taken from JBoss forum---
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3823134#3823134
Thanks for all your help. I was able to clear the cache. Here is the code
that does the trick. It took a bit of doing. There was sample code online
but it was with an older version of JBoss so it did not quite work. The
Director of Training for JBoss Europe sent me the final missing piece.
Here is code that clears the security cache. Hopefully someone will find
this useful when they google it in the future. Enjoy!
[code]
/*
* This file was created by Rick Hightower of ArcMinds Inc.
*
*/
package org.appfuse.webapp.service;
import java.lang.reflect.Method;
import java.net.InetAddress;
import java.rmi.Remote;
import javax.management.ObjectName;
import javax.naming.Context;
import javax.naming.InitialContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
/**
* @author Richard Hightower
* ArcMind Inc. http://www.arc-mind.com
*/
public class UserManagerJBossSpecific extends UserManagerImpl {
private static Log log = LogFactory.getLog(UserManagerJBossSpecific.class);
private Remote server = null;
private Context initialContext = null;
/**
* @throws Exception
*/
public UserManagerJBossSpecific() throws Exception {
super();
}
public void flushAuthCache() throws Exception {
log.debug("flushAuthCache start");
ObjectName jaasMgr =
new ObjectName("jboss.security:service=JaasSecurityManager");
Object[] params = { "expressDomain" };
String[] signature = { "java.lang.String" };
invoke(jaasMgr, "flushAuthenticationCache", params, signature);
log.debug("flushAuthCache stop");
}
protected Object invoke(
ObjectName name,
String method,
Object[] args,
String[] sig)
throws Exception {
return invoke(getServer(), name, method, args, sig);
}
protected Object invoke(
Remote server,
ObjectName name,
String method,
Object[] args,
String[] sig)
throws Exception {
//((org.jboss.jmx.adaptor.rmi.RMIAdaptor) server).
//invoke(name, method, args, sig);
Class [] argTypes = new Class []
{ObjectName.class, String.class, Object[].class,
String[].class};
Method m = server.getClass().getMethod("invoke", argTypes);
return m.invoke(server,new Object[]{name, method, args, sig});
}
Remote getServer() throws Exception {
init();
return server;
}
protected void init() throws Exception {
if (initialContext == null) {
initialContext = new InitialContext();
}
if (server == null) {
String serverName =
System.getProperty("testAdvantage.jboss.server.name");
if (serverName == null) {
serverName = InetAddress.getLocalHost().getHostName();
}
server =
(Remote)
initialContext.lookup("jmx/invoker/RMIAdaptor");
}
}
}
[/code]
Notice I don't include any JBoss specific classes, this is because I did not
want to add them to the build script. Not sure if this is a good idea or
not. I left a comment in showing how to do it directly instead of
reflection.
I try to make a habit of including the solution as well as the problem
(after I get help and figure it out). ;)
--Richard M Hightower II
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
