3 Replies Latest reply on Sep 4, 2005 12:04 PM by Scott Stark

    Flushing JAAS for Principal

    Anders Engstrom Newbie

      (Posted to the jboss-user mailing-list as well)


      I'm trying to flush the jaas authorization cache in our application (to
      pick up changes to roles etc.).

      I've managed to flush the *entire* cache
      (flushAuthenticationCache(java.lang.String) and this works fine but I'd
      like to use the flush-method that takes a principal as well.

      My code looks something like:

      Object[] params = new Object[]{jaasDomainName, simplePrincipal};
      String[] signature = new String[]{"java.lang.String",
      mbeanServer.invoke(jaasObjectName, "flushAuthenticationCache", params,

      The simplePrincipal object my own implementation of the Principal
      interface (just takes the username in the constructor and returns it on

      This code executes without any error messages, but the cache is not
      flushed. If I execute the same(?) method in the web-console the cache
      *is* flushed for the named user.

      My guess is that the CachePolicy can't find my principal and that in
      order to get my code working I must get my hands on the actual Principal
      object used by JBoss JAAS.

      If this is the case, then how do I do it? If not, what am I doing wrong?

      Best Regards //Anders

        • 1. Re: Flushing JAAS for Principal

          Try creating a SimplePrincipal instance instead of your own (this may help in case its just a equals() problem [if it is, you may be able to fix it by making sure your implementation has a matching equals() & hashCode() implementations]).

          -- Juha

          • 2. Re: Flushing JAAS for Principal
            Alessandro Tugnoli Newbie

            Hi, I'm in the same situation too, I've also tried to pass to the SecurityManager
            my own implementation of Principal class (I've called MyPrincipal that extends Principal) but this not solved my problem.
            This is my piece of code:

             String domain = "jmx-console";
             Principal loggedUser=sessionctx.getCallerPrincipal();
             MyPrincipal userp = new MyPrincipal(loggedUser.getName());
             ObjectName jaasMgr = new ObjectName("jboss.security:service=JaasSecurityManager");
             Object[] params = {domain, userp};
             String[] signature = {"java.lang.String", "java.security.Principal"};
             MBeanServer server = (MBeanServer) MBeanServerFactory.findMBeanServer(null).get(0);
             server.invoke(jaasMgr, "flushAuthenticationCache", params, signature);
            catch(Exception e3)

            This is the a part of the code of MyPrincipal class
             public boolean equals(Object o)
             if(o.getClass()==java.security.Principal.class )
             Principal p=(Principal)o;
             if(p.getName().equals(username)) return true;
             else return false;
             return super.equals(o);
             public int hashCode()
             Principal p=(Principal)(this);
             return p.hashCode();

            but when I log out so it cleans the cache JBoss gave me a stackoverflow error
            So, could someone post an example of the code to implement the equals() and the hashCode() please?
            thank you

            • 3. Re: Flushing JAAS for Principal
              Scott Stark Master

              Your hashCode method is broken. Reasonable implementations are:

               public boolean equals(Object another)
               if (!(another instanceof Principal))
               return false;
               String anotherName = ((Principal) another).getName();
               boolean equals = false;
               if (name == null)
               equals = anotherName == null;
               equals = name.equals(anotherName);
               return equals;
               public int hashCode()
               return (getName() == null ? 0 : getName().hashCode());