Each cache entry has a time to live. When that expires, it is evicted. Overall the cache itself has a default timeout.
You only care about cache eviction in situations where in the web application has logged the user out but he is not yet evicted in the authenticaiton cache. It is a border condition where in the user password has changed or you need to get newer roles for the user.
Reply to this message by going to Community
Start a new discussion in AS7 Users at Community
Asked him for suggestions.BolekOn Nov 7, 2011, at 6:26 PM, Marko Strukelj wrote:I'm looking into it. I found a service that does that - but it exists at MSC level, so it needs to be accessed via JBoss AS7 proprietary API.Bolek, you can prod Anil to comment on this post.On Mon, Nov 7, 2011 at 3:46 PM, Nicolas FILOTTO <nicolas.filotto@exoplatform.com> wrote:
About https://issues.jboss.org/browse/EXOJCR-1619, to avoid any misunderstanding, can you ask internally how we can flush cached credentials (as described here http://docs.jboss.org/jbosssecurity/docs/6.0/security_guide/html_single/index.html#The_JBoss_Security_Extension_Architecture-The_JaasSecurityManagerService_MBean) on JBoss AS 7? Maybe it is not needed anymore? Or do you expect that I ask the question in the forum of JBoss AS 7?