[jboss-user] [Security & JAAS/JBoss] - Re: Repeated calls to LoginModule for EJB authentication

brownjamese do-not-reply at jboss.com
Fri Feb 9 12:07:58 EST 2007

Resolved the issue and answered my own question.  In our case it was directly related to the JassSecurityManager configuration which had been changed to 0 for both DefaultCacheTimeout and DefaultCacheResolution.  The interesting question that I am left with however, is why do I see the following in the logs if caching is, in essence, disabled:

14:59:10,048 TRACE [org.jboss.security.plugins.JaasSecurityManager.acol-core-policy] Inse
rted cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo at 31ac05[Subject(
).principals=org.jboss.security.SimpleGroup at 28014118(Roles(members:xxx,yyy,zzz))org.jboss.security.S
implePrincipal at 22316052(U174791),credential.class=java.lang.String at 23438274,expirationTime=117096114

A quick peak at JassSecurityManager and the inner DomainInfo leads me to believe that there could be optimizations if DefaultCacheTimeout  (aka lifetime) == 0.

-- James

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4013768#4013768

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4013768

More information about the jboss-user mailing list