Wildfly flush cache of security-domain


I have a WAR project with a JAX-RS interface deployed on WildFly, and there is a security-domain configured which loads the user password and role from the DB. The security-domain uses cache-type=default. Updates of authenticated users are not recognized by the security-domain, because the old data are cached. I verified this with jboss-cli.sh. So how can I remove a specific user from the cache? I want to do this within the deployed application and not via jboss-cli.sh.

3

There are 3 best solutions below

3
On BEST ANSWER

Your issue may be related to a bug in WildFly: https://issues.jboss.org/browse/WFLY-3221.

There is a workaround to explicitly flush the authentication cache:

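import java.security.Principal;

import javax.annotation.Resource;
import javax.inject.Inject;
import javax.servlet.annotation.WebListener;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;

import org.jboss.security.CacheableManager;

@WebListener
public class SessionInvalidationListener implements HttpSessionListener {

    // Principal of the caller whose session is ending
    @Inject
    private Principal principal;

    // Authentication manager of the security domain; "mydomain" is the security-domain name
    @Resource(name = "java:jboss/jaas/mydomain/authenticationMgr")
    private CacheableManager<?, Principal> authenticationManager;

    @Override
    public void sessionCreated(HttpSessionEvent se) {
        // not used
    }

    @Override
    public void sessionDestroyed(HttpSessionEvent se) {
        // Drop the cached authentication entry for this principal only
        authenticationManager.flushCache(principal);
    }
}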

I've tested this approach in a slightly different use case. The interesting bit is accessing the authenticationManager - it should be easy to adapt that to your situation.

The bug should be fixed in WildFly 9.x (I didn't check).

0
On

If you remove the attribute 'cache-type=default' from the security-domain, no cache will be used. See also here: https://docs.jboss.org/author/display/WFLY8/Security+subsystem+configuration

1
On

In WildFly 10 using Domain Mode you can clear the cache for security domains very easily by using jboss-cli in the following way:

First connect to Domain Controller by using

./jboss-cli.sh --connect controller={domainhost}:9990 --user={username} --password={password}

Then execute command

/host={hostname}/server={instancename}/subsystem=security/security-domain={securityname}:flush-cache

If security domain is defined like this:

<security-domain name="ldap-test" cache-type="default">

command will look like this:

/host=wf-server-1/server=instance-1/subsystem=security/security-domain=ldap-test:flush-cache

A similar solution should work for Standalone Mode.