[jboss-user] [Security & JAAS/JBoss] - Re: How to dynamically change security role without logging
mcalello
do-not-reply at jboss.com
Mon Mar 3 08:46:24 EST 2008
We were able to finally workaround this issue without resorting to turning off all authentication caching in 4.2.2GA.
First I flush the authentication cache for the user who needs their roles refreshed.
http://wiki.jboss.org/wiki/Wiki.jsp?page=CachingLoginCredentials
Then use the new WebAuthentication class that Anil added (see:
http://wiki.jboss.org/wiki/Wiki.jsp?page=WebAuthentication)
to logout the user and programmatically log them right back in.
Anil, do you see any drawbacks to this approach?
Hope this helps!
-Marc
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4133626#4133626
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4133626
More information about the jboss-user
mailing list