[jboss-jira] [JBoss JIRA] Closed: (JBAS-7923) Authentication caches wrong credential settings

ali aslan (JIRA) jira-events at lists.jboss.org
Fri May 14 08:13:10 EDT 2010 

     [ https://jira.jboss.org/jira/browse/JBAS-7923?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

ali aslan closed JBAS-7923.
---------------------------

    Resolution: Done


The Bug is solved but I really don't know why.


> Authentication caches wrong credential settings
> -----------------------------------------------
>
>                 Key: JBAS-7923
>                 URL: https://jira.jboss.org/jira/browse/JBAS-7923
>             Project: JBoss Application Server
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: Security
>    Affects Versions: JBossAS-5.1.0.GA
>         Environment: Windows Vista, jdk1.5.0_18, MySQL Server 5.0
>            Reporter: ali aslan
>            Assignee: Anil Saldhana
>
> My Problem is that I can login/logout with different users as long as I do not enter a wrong password for a user.
> If this happens it is not possible to authenticate any other user. Authentication always fails.
> If I delete the browser cookies I can authenticate the user again.
> The JAAS configuration in jboss-service.xml 
>    <!-- JAAS security manager and realm mapping -->
>    <mbean code="org.jboss.security.plugins.JaasSecurityManagerService"
>       name="jboss.security:service=JaasSecurityManager">
>       <attribute name="ServerMode">true</attribute>
>       <attribute name="SecurityManagerClassName">org.jboss.security.plugins.JaasSecurityManager</attribute>
>       <attribute name="DefaultUnauthenticatedPrincipal">anonymous</attribute>
>        <attribute name="DefaultCacheTimeout">0</attribute>
>       <attribute name="DefaultCacheResolution">0</attribute>
>       <attribute name="DeepCopySubjectMode">false</attribute>
>    </mbean>

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list