I am using JBossSX/JAAS (JBoss 4.2.2) and using a custom login module which extends UsernamePasswordLoginModule which gets the user's password from the database. I need to implement a password change feature for a authenticated user. After the password is updated in the database, all access is denied as expected, after the jaas-cache-timeout expires.
Is there any way to change the password of the principal so I don't have to force the user to logout and then log back in again after they change their password?
I am also curious how to accomplish...we are using form-based authentication with j_security_check.