I wrote a small test application that verifies that JAAS authentication is working. It now is ;) but when I try to fetch
lc.getSubject().getPrincipals(), I get a Set with no entries. The permissions are definitely there: if I take away a needed permission in roles.properties, I get this error:
Caused by: javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
Insufficient method permissions, principal=cactus, method=create, interface=HOME, requiredRoles=[SystemAdministrator], principalRoles=[EreignisquellenAdministrator, Adressat]
So this should mean that JBoss correctly authenticates me and assigns the proper permissions.
When I call entityContext.getCallerPrincipal() from an EJB I call from the test program, I get my login name (cactus) back, so everything is ok there. But why can't I get a list of principals in my test program right after the authentication? Or are the roles not listed there? How can I get them after lc.login()? How can I get the list of roles from the entityContext?
// needs javax.security.auth.login.LoginContext, javax.security.auth.login.LoginException,
// javax.security.auth.Subject and java.util.Iterator
lc = new LoginContext("InformMeDomain", handler);
Subject subject;
try
{
    lc.login();
    subject = lc.getSubject();
    log("authentication succeeded");
    // list every Principal the login modules put into the Subject
    Iterator it = subject.getPrincipals().iterator();
    while (it.hasNext()) {
        Object o = it.next(); // Never called, because it.hasNext() always returns false ;((((
        System.out.println("principal: " + o.getClass().getName() + " " + o);
    }
}
catch (LoginException e)
{
    log("authentication failed: " + e.getMessage());
}