- 
        1. Re: ClientLoginModule and additional stateragavgomatam Apr 28, 2008 9:16 PM (in response to lukeb)LoginModules are designed for authentication/authorization. State information is specific to your application, where as JAAS modules are not designed to handle state information. However this said, you can pass in static information to the module by Map options & Map sharedState. These are set up in the login-config.xml...Check out if passing static information through these maps would be helpful for you or not. Also writing your own CustomLogin module may not help as it is not designed to pass state info. 
- 
        2. Re: ClientLoginModule and additional statelukeb Apr 29, 2008 5:18 AM (in response to lukeb)Thank you for the reply and sorry - I didn't quite make myself clear. Using state was not the correct term. 
 Having read the JAAS tutorial I see that a Subject can have many principals. For instance a username, a social security number etc. Using the ClientLoginModule (from a remote java client) I was hoping that I could add addition principals to my Subject and the additional Principals would be available in the server in my custom login module. This isn't the case.
 I think I know why now as in the SecurityClientInterceptor.java JBoss does the following:public Object invoke(org.jboss.aop.joinpoint.Invocation invocation) throws Throwable { // Get Principal and credentials Principal principal = SecurityActions.getPrincipal(); if (principal != null) invocation.getMetaData().addMetaData("security", "principal", principal); Object credential = SecurityActions.getCredential(); if (credential != null) invocation.getMetaData().addMetaData("security", "credential", credential); return invocation.invokeNext(); }
 So it appears that only a Principal and Credential are remoted to the server in the ejb call meta data.
 Not that I really know anything about it but I was expecting to see a Subject used rather than a Principal.
 I'll investigate using a custom principal.
 I can see no way from a remote java client to get information into the options and shared state maps as I understand it, they are purely for purposes of communication between login modules and for configuration options.
- 
        3. Re: ClientLoginModule and additional stateragavgomatam Apr 29, 2008 12:05 PM (in response to lukeb)Yeah...As you say adding a CustomPrincipal with additional properties could help. There is a post in this same forum where an example (full source code) on CustomPincipal with additional properties is posted. Check it out. 
 
    