3 Replies Latest reply on Jun 17, 2003 9:06 AM by Juha Lindfors

    How to use Authentication Cache?

    nish_dce Newbie

      Hi All.
      I have a scenario in which client once logged in needs to make multiple network calls from the client side,until he logs out.
      What I want is to maintain the same "User", "Password" information from the server side and do some custom logic based on session info passed by client, so that once client is logged in,the latter need not send the user/password info for each network call.
      I have seen something called as "AuthenticationCache" attribute provided for JAASSecurityManager which supposedly handles the same!
      Can anyone provide some information/sample code to illustrate the same ?

      Thanks in Advance,
      Newbie.

        • 1. Re: How to use Authentication Cache?
          Juha Lindfors Master

          If you're using standalone EJB clients then the user/password information is propagated with each invocation regardless of authentication cache. Authentication cache only caches the security context information on the server side therefore minimizing access to potentially slow datasources (for example, only accessing the database to query users, passwords and roles every 30 seconds).

          • 2. Re: How to use Authentication Cache?
            nish_dce Newbie

            Thanks Juha!!
            I was curious to know ,what is the function of CachePolicy,ObjectFactory etc,which are associated with AuthenticationCache usage and how to use them in our application.
            And do we any sample demonstrating the same?

            Thanks in advance,
            Newbie.

            • 3. Re: How to use Authentication Cache?
              Juha Lindfors Master

              CachePolicy interface is for different authentication cache implementations. ObjectFactory is JNDI interface for handling object lookups that create object instances at lookup time -- in this case they return a proxy to a naming context interface that allows you to list and lookup information in a given security domain (such as java:/jaas/MyApplicationSecurity)