[
https://jira.jboss.org/jira/browse/JBAS-7923?page=com.atlassian.jira.plug...
]
ali aslan closed JBAS-7923.
---------------------------
Resolution: Done
The Bug is solved but I really don't know why.
Authentication caches wrong credential settings
-----------------------------------------------
Key: JBAS-7923
URL:
https://jira.jboss.org/jira/browse/JBAS-7923
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Security
Affects Versions: JBossAS-5.1.0.GA
Environment: Windows Vista, jdk1.5.0_18, MySQL Server 5.0
Reporter: ali aslan
Assignee: Anil Saldhana
My Problem is that I can login/logout with different users as long as I do not enter a
wrong password for a user.
If this happens it is not possible to authenticate any other user. Authentication always
fails.
If I delete the browser cookies I can authenticate the user again.
The JAAS configuration in jboss-service.xml
<!-- JAAS security manager and realm mapping -->
<mbean code="org.jboss.security.plugins.JaasSecurityManagerService"
name="jboss.security:service=JaasSecurityManager">
<attribute name="ServerMode">true</attribute>
<attribute
name="SecurityManagerClassName">org.jboss.security.plugins.JaasSecurityManager</attribute>
<attribute
name="DefaultUnauthenticatedPrincipal">anonymous</attribute>
<attribute name="DefaultCacheTimeout">0</attribute>
<attribute name="DefaultCacheResolution">0</attribute>
<attribute name="DeepCopySubjectMode">false</attribute>
</mbean>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira