[jboss-user] [Security & JAAS/JBoss] - Re: How to dynamically change security role without logging

mcalello do-not-reply at jboss.com
Mon Mar 3 08:46:24 EST 2008

We were able to finally workaround this issue without resorting to turning off all authentication caching in 4.2.2GA.  

First I flush the authentication cache for the user who needs their roles refreshed. 

Then use the new WebAuthentication class that Anil added (see: 
to logout the user and programmatically log them right back in.

Anil, do you see any drawbacks to this approach?

Hope this helps!

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4133626#4133626

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4133626

More information about the jboss-user mailing list