This may be due to EJB3 security using the SimpleSecurityManager class
that Carlo coded.
https://github.com/anilsaldhana/jboss-as/blob/master/security/src/main/ja...
There may be a missing link to the JBossCachedAuthenticationManager
inside the security subsystem.
On 11/28/2011 10:05 AM, Anil Saldhana wrote:
Ok, we will check this out.
We want the JBossCachedAM in all cases.
On 11/27/2011 01:21 PM, Dieter Tengelmann wrote:
> Hi,
>
> I've configured my security-domain with cache-type="default" in the
> standalone.xml, an instance of JBossCachedAuthenticationManager is
> initialized correctly via JNDIBasedSecurityManagement, but my
> application is permanently authenticating via the JAAS login module. I
> realized that "JBossAuthenticationManager" is used in all EJB parts,
> only the JBOSS web realm is using the
> JBossCachedAuthenticationManager...
>
> JBossSecurityContext.getAuthenticationManager() delivers via
> "DefaultSecurityManagement" an instance of
> JbossAuthenticationManager
>
> Is there a workaround for me to receive/set the correct
> AuthenticationManager till you fix this bug? Not using the cache
> causes some serious problems in my application...
>
> Best regards,
> Dieter Tengelmann