To my knowledge NameCallback and PasswordCallback are not cached. What is cached is
Principal for the duration of the HttpSession.
In my login module the scope of the Callback is within the
public boolean login() throws LoginException
so that would negate any chance of caching
Also in the
public void initialize(Subject subject, CallbackHandler callbackHandler,
| Map sharedState, Map options)
method try to pass the security tokens in the sharedState Map if call backs are
insufficient for your purpose. I used this sharedStateMap to pass information between
login modules.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4117415#...
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...