I have a standalone application that uses EJB3 services provided by JBoss AS 4.2.0. To guarantee the confidentiality of authentication, I'm investigating the SRPLogin module.
In Jboss configuration guide, chapter 8, it is written
The org.jboss.security.srp SRPVerifierStoreService is an example MBean service that binds an implementation of the SRPVerifierStore interface that uses a file of serialized objects as the persistent store. Although not realistic for a production environment, it does allow for testing of the SRP protocol and provides an example of the requirements for an SRPVerifierStore service.