[jboss-user] [Security & JAAS/JBoss] - Re: how to disable password-stacking property

purna_cherukuri do-not-reply at jboss.com
Thu Dec 14 01:46:43 EST 2006


Hi,

I have removed that option in my login-config.xml
Now my login-config.xml is like this.
<?xml version='1.0'?>
  | <!DOCTYPE policy PUBLIC
  |       "-//JBoss//DTD JBOSS Security Config 3.0//EN"
  |       "http://www.jboss.org/j2ee/dtd/security_config.dtd">
  | <policy>
  |    <!-- For the JCR CMS -->
  |    <application-policy name="cms">
  |       <authentication>
  |          <login-module code="org.apache.jackrabbit.core.security.SimpleLoginModule" flag="required"/>
  |       </authentication>
  |    </application-policy>
  |    
  |    <application-policy name="portal">
  |       <authentication>
  |          <login-module code="com.tsky.customlogin.CustomLoginModule" flag="required">
  |             <module-option name="unauthenticatedIdentity">guest</module-option>
  |             <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
  |             <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
  |             <module-option name="additionalRole">Authenticated</module-option>
  |          </login-module>
  |       </authentication>
  |    </application-policy>
  | </policy>

It is still caching the username and passwords.  I want it to go to CustomLoginModule each time. 
Can anyone help me out in this?



View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3993707#3993707

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3993707



More information about the jboss-user mailing list