[jboss-user] [Security & JAAS/JBoss] - Re: How to flush the old password

oldreaper do-not-reply at jboss.com
Fri Aug 29 07:36:25 EDT 2008

Although this is a solution, but caching private credentials seems not appropriate. The JAAS specification does not enforce not caching private credentials, but it argues that it is better to clean the private credentials. So, the developer should have a chance to specify such a behavior when the application is configured, but not programmaticly.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4173302#4173302

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4173302

More information about the jboss-user mailing list