[jboss-user] [Security & JAAS/JBoss] - Re: why it is possible to login with old password in JAAS(Da
j2ee_junkie
do-not-reply at jboss.com
Thu Aug 3 08:14:36 EDT 2006
Baskar,
After a password is changed, the user must be logged out of application (i.e. JBossSX cache flush). If your UI is web-based, this usually can occure by invalidating the web session. Is this step happening? You can verify what principals are in the cache via the jmx-console (mbean: jboss.security:service=JaasSecurityManager).
cgriffith
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3962807#3962807
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3962807
More information about the jboss-user
mailing list