Shouldn't SecurityAdaptorImpl process full user authentication via JaasSecurityManagerService.isValid ?Now Principals/Credentials are set directly in SecurityAssiation wihtout any JAAS authentication.