[jboss-user] [Security & JAAS/JBoss] - Re: Help ... flushAuthenticationCache don't work

nipunbatra do-not-reply at jboss.com
Mon Feb 26 15:24:07 EST 2007 

try this

in your <jboss_home>/server/conf/jboss-service.xml try to modify cache params

<mbean code="org.jboss.security.plugins.JaasSecurityManagerService"
  |       name="jboss.security:service=JaasSecurityManager">
  |       <!-- A flag which indicates whether the SecurityAssociation server mode
  |       is set on service creation. This is true by default since the
  |       SecurityAssociation should be thread local for multi-threaded server
  |       operation.
  |       -->
  |       <attribute name="ServerMode">true</attribute>
  |       <attribute name="SecurityManagerClassName">org.jboss.security.plugins.JaasSecurityManager</attribute>
  |       <attribute name="DefaultUnauthenticatedPrincipal">anonymous</attribute>
  |       <!-- DefaultCacheTimeout: Specifies the default timed cache policy timeout
  |       in seconds.
  |       If you want to disable caching of security credentials, set this to 0 to
  |       force authentication to occur every time. This has no affect if the
  |       AuthenticationCacheJndiName has been changed from the default value.
  |       -->
  |       <attribute name="DefaultCacheTimeout">0</attribute>
  |       <!-- DefaultCacheResolution: Specifies the default timed cache policy
  |       resolution in seconds. This controls the interval at which the cache
  |       current timestamp is updated and should be less than the DefaultCacheTimeout
  |       in order for the timeout to be meaningful. This has no affect if the
  |       AuthenticationCacheJndiName has been changed from the default value.
  |       -->
  |       <!-- <attribute name="DefaultCacheResolution">60</attribute> -->
  |    </mbean>


Also in your jboss-web.xml define flushOnSessionInvalidation="true"
<jboss-web>
  | 	<security-domain flushOnSessionInvalidation="true" >java:jaas/eluminate</security-domain>
  | </jboss-web>
  | 

Let me know if it works

Thanks
Nipun

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4022662#4022662

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4022662

More information about the jboss-user mailing list