0 Replies Latest reply on Oct 30, 2012 8:51 AM by mkind

    Login module and session issues



      I've created a simple login module based on org.jboss.security.auth.spi.UsernamePasswordLoginModule.

      Also, created a new security domain:



      <security-domain name="mydomain" cache-type="default">


                <login-module code="com.test.MylLoginModule" flag="required"></login-module>















      Authentication configuration in web.xml:












      All works fine, but if to login from several different places (computers), session sometimes seems "shared": login/logout in app running in one machine causes login/logout for the application running on another. In other words, two users trying to login using the same credentials, but from different places.

      I was sure such authentication mechanizm works with browser session, isn't it?