Browser caches user authorities when using Waffle security

When using Waffle security (with Spring security, in my case) I discovered that both Internet Explorer (9) and Firefox (5) caches authorities bounded to user. I discovered this when I’ve chagned required user group to access my application and then I added current user to required group but no change. I couldn’t gain access. After some debugging it appeared that Waffle returns unchanged set of authorities for current user.
Reloading browser, tomcat and clearing all caches and data didn’t work. I’m sure that Chrome would work neither.
Firefox has convenient way to clear active logins. Click Tools-> Clear recent history -> [check]active logins

Finally I got the solution – user should logout and login again into windows box…

You May Also Like

Spring security authentication-success-handler-ref and authentication-failure-handler-ref does not work with KerberosServiceAuthenticationProvider

I'm using SpringSecurity with KerberosServiceAuthenticationProvider which is Kerberos security extension. You can read how to use it on extension author's blog.But you cannot use handler on form-login to catch authorization result. It's because of inne...I'm using SpringSecurity with KerberosServiceAuthenticationProvider which is Kerberos security extension. You can read how to use it on extension author's blog.But you cannot use handler on form-login to catch authorization result. It's because of inne...