[jboss-user] [Security & JAAS/JBoss] - Re: Repeated calls to LoginModule for EJB authentication
brownjamese
do-not-reply at jboss.com
Fri Feb 9 12:07:58 EST 2007
Resolved the issue and answered my own question. In our case it was directly related to the JassSecurityManager configuration which had been changed to 0 for both DefaultCacheTimeout and DefaultCacheResolution. The interesting question that I am left with however, is why do I see the following in the logs if caching is, in essence, disabled:
14:59:10,048 TRACE [org.jboss.security.plugins.JaasSecurityManager.acol-core-policy] Inse
rted cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 31ac05[Subject(
17676813
).principals=org.jboss.security.SimpleGroup at 28014118(Roles(members:xxx,yyy,zzz))org.jboss.security.S
implePrincipal at 22316052(U174791),credential.class=java.lang.String at 23438274,expirationTime=117096114
8415]
A quick peak at JassSecurityManager and the inner DomainInfo leads me to believe that there could be optimizations if DefaultCacheTimeout (aka lifetime) == 0.
-- James
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4013768#4013768
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4013768
More information about the jboss-user
mailing list