Hey all, we're running JBoss 2.4.2, and I just finished up working on a simple little password reset system for our portal. Use case is basically
user gives email -> user receives email with session key and clicks it -> user inputs new password. I'm just updating the jbp_users table via JDBC (md5sum'ing their new password and inserting it in the table), and I can verify that the new hash is correct, but JBoss Portal seems to be caching the old login info.
My question is, can I force JBoss to forget its cached logins and recheck the database for changes, or is there a better way to do this? This isn't running inside a portlet, so I can't juse use getPortletContext().getAttribute("UserModule") to find a user by username and update their password that way.
Anyway, I'm sure I'm doing it wrong, but any help would be greatly appreciated. Thanks so much!