to quote ...
http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html
* Once a user has been authenticated, the user (and his or her
associated roles) are cached within Tomcat for the duration of the
user's login. (For FORM-based authentication, that means until the
session times out or is invalidated; for BASIC authentication,
that means until the user closes their browser). Any changes to
the database information for an already authenticated user will
*not* be reflected until the next time that user logs on again.
has this user 'logged out' / had their session invalidated ?
Very interrested as I want to use this myself and if things like pw
change don't work then ....
Let us know
D
Alex Kachanov wrote:
>OK, a user wants to change his password for the Tomcat protected folder.
>The protection is done using JDBCRealm (or MemoryRealm).
>The password is changed using a special servlet.
>
>OK, password is changed in the database, BUT,
>you have to restrat Tomcat or restart the context to make new password working!
>
>That's sad, unless I'm missing something.
>
>with best wishes
>Alexander Kachanov
>
>
>--
>To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
>For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
>
>
>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
