Hi,

I have configured the Jboss to use DatabaseServerLoginModule to retrieve password and roles from my backend server.

For the web applicaiton, i used the Form Based authroization setting.

It work fine.

I would like to enforce password change say after 30 days. How can this be implemented. (I used embedded Tomcat version of Jboss 3.0.6)

I have tried to use servlet filter for thr URL /j_security_check, but it does not work. (The filter is not invoked)

Any suggestions is welcomed.

Thanks in advance
Michael