my dog learned polymorphism*
The moose likes JBoss/WildFly and the fly likes j_security_check??????? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Products » JBoss/WildFly
Bookmark "j_security_check???????" Watch "j_security_check???????" New topic
Author

j_security_check???????

Gabriel Tunde
Greenhorn

Joined: Feb 22, 2006
Posts: 2
I am using Form-based authentication in my login page, when a user login, he is validated and his credentials are stored in the cache(i guess). When the user changes his credential (like his password for example), he is still able to login with the previous password until he login with the new password before the previous credentials stored are discarded. Does j_security_check supports caching and how is it disabled? I am using Jboss as the application server. Please help................
Jaikiran Pai
Marshal

Joined: Jul 20, 2005
Posts: 9956
    
163

Flush the authentication cache. Check the DefaultCacheTimeout at:
http://wiki.jboss.org/wiki/Wiki.jsp?page=JaasSecurityManagerService

You might have to add the DefaultCacheTimeout attribute to the JAAS security manager, mentioned in the %JBOSS_HOME%/server/default/conf/jboss-service.xml file:



[My Blog] [JavaRanch Journal]
Jaikiran Pai
Marshal

Joined: Jul 20, 2005
Posts: 9956
    
163

This link looks more useful:

http://www.jboss.org/wiki/Wiki.jsp?page=CachingLoginCredentials
Gabriel Tunde
Greenhorn

Joined: Feb 22, 2006
Posts: 2
Thanks.
I tried both solutions proferred in the jboss link and both worked independent of each other.
Thanks once again.
 
jQuery in Action, 2nd edition
 
subject: j_security_check???????
 
Similar Threads
Question on form based authentication
Access protected resource (j_security_check)
j_security_check 'next' page?
EJB, JDBC Realm, Session tracking
Glasfish: JDBC Realm and Session Tracking.