How do I configure my JBossWS/CXF endpoint so that it does not cache authenticated credentials?
Issue
I'm using SubjectCreatingPolicyInterceptor
in my endpoint, and it invokes the JAAS security domain to authenticate a user (I'm using UsernameToken). I don't want the security domain to cache the user so that the login modules are invoked for every WS invocation to ensure potential changes in a user's privileges are honored without any delay.
Environment
- Red Hat JBoss Enterprise Application Platform (EAP) 6.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.