My application is using my own databaseloginmodule.
Two clients using same username to login.
But JAAS will only do the job for the first guy login if the second one using exactly the same username, such as "admin" and "admin", not "admin" and "AdMin".
I know the principals would be different if using "admin" and "AdMin".
Is there any way to force the JAAS to ignore the existing subjects and do the authorization again? Since I want to forbid the user to perform multi-login with same username.
Thanks in advanced!
There is no notion of ignoring existing subjects, but you can flush the cache to remove them.
http://www.jboss.org/wiki/Wiki.jsp?page=CachingLoginCredentials