3 Replies Latest reply on Dec 9, 2005 4:30 AM by tosenthu

    Cached Authentication issue.

      Hai
      Am using Custom database login module, I want to restrict from one user to login more than once. I am able to get the available principals in the security domain. but I get that from the cached authentication list. Now the problem is the JAAS never allows to call my login module when the principal is already cached. Is there any way to let the login module to get executed even when the pricipal is cached.

      Thanks in advance.

      Senthil Kumar M Rangaswamy

        • 1. Re: Cached Authentication issue.
          dsimon

          This is actually something which is a rather major issue (IMO). The good news is that you can fix it by changing a configuration file (details follow). The bad news is that JBoss seems to be suffering from the same issues that have plagued IIS for years -- a default configuration that does not seem too concerned with security.

          In your deploy directory, you should have a file called "security-service.xml" -- open it and find the following line:

          1800

          change it to:

          0

          Save and restart JBoss.

          • 2. Re: Cached Authentication issue.
            starksm64

            You forgot the code tags.

            Also create a bug report to have this as the default configuration.

            • 3. Re: Cached Authentication issue.

               

              This is actually something which is a rather major issue (IMO). The good news is that you can fix it by changing a configuration file (details follow). The bad news is that JBoss seems to be suffering from the same issues that have plagued IIS for years -- a default configuration that does not seem too concerned with security.

              In your deploy directory, you should have a file called "security-service.xml" -- open it and find the following line:

              1800

              change it to:

              0

              Save and restart JBoss.


              hai dsimon,
              The solution will allow me to login all the time. but i will not be able to get the cached lists of users. My issue is I want the list of cached users list and also need the authentication happen all the time by-passing the cache.

              Thanks,
              Senthil Kumar M Rangaswamy.