do you have anyway to trace what actions are being performed on the database ?
I know that MySQL will let you trace **every** call that is made so you can see all of the database statements. This would be rather useful in trying to find out when tomcat gets the data from the database ... I take it that there are no proxies involved and you have your cache settings in your browser set to no caching ? Can you try this with the newer version of TC and let us know if that fixes it ? D Alex Kachanov wrote: >It looks as it is not working. > >I log into protected area as nnnn/mmmmm >Then logout. >Close all browser windows >Change the password to "qqqqqq" >Launch new browser >Open the protected area >Still nnnn/mmmmm is valid combination but nnnn/qqqqqq is not. > >Restart Tomcat >Launch new browser >Open the protected area >nnnn/qqqqqq is now a valid login combination > >Using Tomcat 4.0.4 English >Tried both MemoryRealm and JDBCRealm > > >-----Исходное сообщение----- >От: David Cassidy [mailto:[EMAIL PROTECTED]] >Отправлено: Вт 03.09.2002 18:08 >Кому: Tomcat Users List >Копия: >Тема: Re: JDBC Realm - changing password > > > > to quote ... > > http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html > > * Once a user has been authenticated, the user (and his or her > associated roles) are cached within Tomcat for the duration of the > user's login. (For FORM-based authentication, that means until the > session times out or is invalidated; for BASIC authentication, > that means until the user closes their browser). Any changes to > the database information for an already authenticated user will > *not* be reflected until the next time that user logs on again. > > has this user 'logged out' / had their session invalidated ? > > Very interrested as I want to use this myself and if things like pw > change don't work then .... > > Let us know > > D > > > > Alex Kachanov wrote: > > >OK, a user wants to change his password for the Tomcat protected folder. > >The protection is done using JDBCRealm (or MemoryRealm). > >The password is changed using a special servlet. > > > >OK, password is changed in the database, BUT, > >you have to restrat Tomcat or restart the context to make new password >working! > > > >That's sad, unless I'm missing something. > > > >with best wishes > >Alexander Kachanov > > > > > >-- > >To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > >For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > > > > > > > > > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > > > > > >------------------------------------------------------------------------ > >-- >To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> >For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
