[jboss-user] [Security & JAAS/JBoss] - Re: Repeated calls to LoginModule for EJB authentication
kuzmiigo
do-not-reply at jboss.com
Wed Jan 10 04:46:17 EST 2007
Thank you, Anil.
Although the subject is taken from the cache, I see that LoginModules's commit() method is called anyway. As I add "User logged in" to audit log in commit(), there are too much false "login" records in the log. I see two solutions:
1. To check whether login()/commit() are called for the first time (real login), or with the cached subject. Is it possible to distinguish these cases?
2. To add "login" records to the audit log in some other place. Where it should be placed?
Best regards,
Igor Kuzmitshov
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3999809#3999809
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3999809
More information about the jboss-user
mailing list