1 Reply Latest reply on Dec 31, 2005 2:28 AM by anil.saldhana

JAAS login problem

kevinlam Dec 30, 2005 11:37 AM

Hi all,

Please help me with this issue as I am completely puzzled...

Some background:
I am using mysql, jboss 4 and the org.jboss.security.auth.spi.DatabaseServerLoginModule . Everything works fine until there is a new requirement in my program.

The status of the user must not be 'NEW' in order to pass the login, so I added "<module-option name="principalsQuery">SELECT u.PASSWORD FROM user u WHERE u.USERNAME=? and u.status <> 'NEW'</module-option>"

Which works ok for the first time, i.e. if I have just started the server and user status == 'NEW', it fails and works perfectly, but if the user successfully logged in the first time, then I changed the status of the user to 'NEW' and logoff the user and try to log in again, it login successfully??

It seems that JBoss is caching the login details?? Or am I setting things wrong??

Many thx
Kevin

1. Re: JAAS login problem

anil.saldhana Dec 31, 2005 2:28 AM (in response to kevinlam)

Flush the authenticationcache.

http://docs.jboss.org/jbossas/jboss4guide/r4/html/ch8.chapter.html#d0e17696
http://wiki.jboss.org/wiki/Wiki.jsp?page=JaasSecurityManagerService
Actions