2 Replies Latest reply on Sep 20, 2005 9:37 AM by Gerd Streubel

    Change Password: FailedLoginException

    Victor Batista Newbie

      Hello!
      I am using JBoss 4.0.2 with the jbas-1875-patch.zip patch. I have a web application which uses a DatabaseLoginModule for authentication.
      I am having problems when one user changes its password. On the session bean I am executing the code at he end of this message to flush the Authentication Cache.

      After the user changes its password, any call to session beans throw the Exception:
      "java.rmi.AccessException: SecurityException; nested exception is:
      javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required"

      How can I solve this problem? Any help would really be appreciated.
      Thanks in advance,
      Victor Batista


      //Code to flush Authentication Cache
      java.util.ArrayList servers = MBeanServerFactory.findMBeanServer(null);
      if (servers.size() != 1) {
      throw new EJBException("Not exactly one server found");
      }

      MBeanServer mbeanServer = (MBeanServer) servers.get(0);
      String[] params = { datasource };
      String[] signature = { "java.lang.String" };
      try {
      ObjectName name = new ObjectName("jboss.security", "service", "JaasSecurityManager");
      mbeanServer.invoke(name, "flushAuthenticationCache", params, signature);


      Principal user = sessionContext.getCallerPrincipal();
      char[] passwordChars = null;

      if( passwd != null ) {
      passwordChars = passwd.toCharArray();
      SecurityAssociation.setPrincipal(user);
      SecurityAssociation.setCredential(passwordChars);
      }

      } catch (Exception e) {
      e.printStackTrace();
      throw new EJBException(e);
      }