struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Grassi Fabio" <Fabio.Gra...@ggsinformatica.it>
Subject R: Realm authentication & password change
Date Mon, 17 Nov 2003 15:59:48 GMT
Thanks Adam, I was deriving from the wrong class (MemoryDatabase). I have just tried to extended
JDBCRealm instead (in order to use stored procedures instead of the default queries) and everything
looks to work fine (I'm still testing).

Thanks again, Fabio.

> -----Messaggio originale-----
> Da: Adam Hardy [mailto:ahardy.struts@cyberspaceroad.com] 
> Inviato: lunedì 17 novembre 2003 13:45
> A: Struts Users Mailing List
> Oggetto: Re: Realm authentication & password change
> 
> 
> On 11/17/2003 12:43 PM Grassi Fabio wrote:
> > I'm using Tomcat User Database Realm authentication with a Struts
> > application. It all works fine *but* I would like to give 
> my users the
> > ability to change their password. The problem is that once 
> the password
> > is changed in my RDBMS, Tomcat keeps the old password in 
> memory until
> > restarted. So the unlucky user who has changed the password gets
> > prevented from logging in again.
> 
> Hi Fabio,
> I don't think that is quite correct. As far as the docs go, 
> the info is 
> kept for the duration of the session. So you have to invalidate the 
> user's session and force them to log in again.
> 
> Adam
> 
> -- 
> struts 1.1 + tomcat 5.0.12 + java 1.4.2
> Linux 2.4.20 RH9
> 
> 
Ai sensi della Legge 675/96, si precisa che le informazioni contenute in questo messaggio
sono riservate ed a uso esclusivo del destinatario. Qualora il messaggio in parola Le fosse
pervenuto per errore, la preghiamo di eliminarlo senza copiarlo e di non inoltrarlo a terzi,
dandocene gentilmente comunicazione. Grazie.<BR><BR>This message, for the law
675/96 may contain confidential and/or privileged information. If you are not the addressee
or authorized to receive this for the addressee, you must not use, copy, disclose or take
any action based on this message or any information herein. If you have received this message
in error, please advise the sender immediately by reply e-mail and delete this message. Thank
you for your cooperation.
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message