Here is the weird problem I am facing.
I change the user password loggin in as admin. (This will change the password in the database)
Now the user will be able to log in to the system with his old password, which is very strange.
He will continue to use his old password untill
1. He logs in (once) using his new password or
2. The system is restarted.
In fact, when I try to debug, I don't see the program entering the LoginContext.login method. This happens only when I use the old password. If I use the new password or some other value for password, I can see it entering the login method.
I am using FORM based authentication and org.jboss.security.auth.spi.DatabaseServerLoginModule as the login module.
Anyone has a clue?