I have tried to find a solution in these forums to my problem but in vain.
I hope you could help me.
Now, I have a JAAS bases J2EE application with JSP Frontend.
User data a saved for instance in an ldap server.
How to enforce refreshing the authentication and user data from the persistence medium (LDAP Server or Database) after some user data (password, name a.s.o) have been changed or after a logout ?
Using session.ivalidate() and removing the principals from the subjects are not not sufficient !
Please help a.s.a.p
PS: I am using JBOss 3.2.3 RC 1 with Tomcat
You have to flush the authentication cache by calling the JaasSecurityManager MBean.
There are many threads about this.