[jboss-user] [Security & JAAS/JBoss] - Re: session timeout does not invalidate the SSO
bstansberry@jboss.com
do-not-reply at jboss.com
Tue Aug 22 18:49:11 EDT 2006
The SingleSignOn valve doesn't have any simple hooks for tracking this. There may be a couple of hackish ways to get what you want:
1) Subclass SingleSignOn and override register() and deregister() to add the notifications you want (haven't looked closely; there may be other methods you need to monitor as well.)
2) Use ClusteredSingleSignOn, get hold of the JBoss Cache instance it's using, implement TreeCacheListener and monitor the SSO portion of the cache for node additions and removals. (Yuck)
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3966824#3966824
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3966824
More information about the jboss-user
mailing list