There's an authentication cache in the default distribution already.
Thanks for your answer.
> There's an authentication cache in the default
> distribution already.
I know this, and I am using the default cache. When I am examining it with jmx-console I can see that my principal is stored - and it is used as long as one request from the client is executed, e.g. if a session bean calls other beans.
But as soon as the client is doing the next request (without calling login again), my ServerLoginModul is doing everything again.
How should jboss recognize that the client is already authenticated?
PS: To get a better understanding I tried to use example 8 of the jboss book, but I couldn't compile it because I couldn't find ServiceMBeanSupport in any of the jar files. Where can I find this class file? I am using jboss-3.2.1
Hi I am not sure if this will fix your problem. I had a similar problem where an authenticated user was not recognized properly by the server. In order to overcome this problem, I stored the LoginContext, with which the user was logged in, in the user's session and had a servlet filter call the LoginContext::login() method at each request.
That's sounds interesting - can you elaborate?