[jboss-user] [Security & JAAS/JBoss] - Caching name and passwordcallbackhandler
kristof.devos
do-not-reply at jboss.com
Thu Dec 27 08:35:05 EST 2007
Hi
I have 2 applications running on 1 server instance. Both have a different loginmodule and have a different security domain.
The first application is a management application and allows administrators to login on the 2nd application as different users. For this I've setup an SSO solution --> SAML ticket and username are sent loginmodule of the 2nd application using the standard form authentication (auto submit), but in the 2nd loginmodule when I use the name and passwordcallbackhandlers they return me username and password of my first application and not the username and samlticket. So callbacks still cache previous values.
Putting the DefaultCacheTimeout = 0 is not an option as it affects our performance.
Is there any way to make sure the callbacks are not cached?
thx
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4115696#4115696
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4115696
More information about the jboss-user
mailing list