[jboss-user] [Security & JAAS/JBoss] - Re: why it is possible to login with old password in JAAS(Da

Thursday, 3 August 2006

Baskar,

After a password is changed, the user must be logged out of application (i.e. JBossSX
cache flush).  If your UI is web-based, this usually can occure by invalidating the web
session.  Is this step happening?  You can verify what principals are in the cache via the
jmx-console (mbean: jboss.security:service=JaasSecurityManager).

cgriffith

View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3962807#...

Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-user] [Security & JAAS/JBoss] - Re: why it is possible to login with old password in JAAS(Da