[jboss-user] [Security & JAAS/JBoss] - Re: logout() in customized login modele

Thursday, 10 January 2008

When your HttpSession time's out or when you call session.invalidate(), the container
expires the caching of security credentials.

I believe you are referring to DefaultCacheTimeout in jboss-service.xml.

This specifies the default timed cache policy timeout in seconds.If you want to disable
caching of security credentials, set this to 0 to force authentication to occur every
time. Like wise 80000s means it will be cached for that many seconds, if session
invalidation does not occur. If your HttpSession expires before that, it will be cleared.
That is my understanding

View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4118898#...

Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-user] [Security & JAAS/JBoss] - Re: logout() in customized login modele