[jboss-user] [Security & JAAS/JBoss] - Re: how to disable password-stacking property
purna_cherukuri
do-not-reply at jboss.com
Thu Dec 14 01:46:43 EST 2006
Hi,
I have removed that option in my login-config.xml
Now my login-config.xml is like this.
<?xml version='1.0'?>
| <!DOCTYPE policy PUBLIC
| "-//JBoss//DTD JBOSS Security Config 3.0//EN"
| "http://www.jboss.org/j2ee/dtd/security_config.dtd">
| <policy>
| <!-- For the JCR CMS -->
| <application-policy name="cms">
| <authentication>
| <login-module code="org.apache.jackrabbit.core.security.SimpleLoginModule" flag="required"/>
| </authentication>
| </application-policy>
|
| <application-policy name="portal">
| <authentication>
| <login-module code="com.tsky.customlogin.CustomLoginModule" flag="required">
| <module-option name="unauthenticatedIdentity">guest</module-option>
| <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
| <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
| <module-option name="additionalRole">Authenticated</module-option>
| </login-module>
| </authentication>
| </application-policy>
| </policy>
It is still caching the username and passwords. I want it to go to CustomLoginModule each time.
Can anyone help me out in this?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3993707#3993707
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3993707
More information about the jboss-user
mailing list