0 Replies Latest reply on Feb 16, 2002 8:19 AM by Jim Rand

    Password cache - simple solution

    Jim Rand Newbie

      A user needs to be able to change their own password. However, JBoss 2.4.4 caches the user information after it does the initial login.

      Using Scott Stark's "How To" article as a baseline, run example2-test0 which has the password "echoman". Now change the password in the database to "echoone" and login again as echoman -- you still get in. Change the build file to switch the password to "echoone" -- that works too. Now change the build file back to log in as "echoman" and it fails. Note: echoone still works.

      A simple solution to have the password change take effect immediately:
      1) User logs in with the old password and changes the password to a new value. Now, both passwords will work.
      2) Unbeknownst, relogin with the new password. Now, only the new password works.

      I can live with this.