I think you are missing a @SecurityDomain annotation in your SLSB. It's a JBoss annotation iirc. I was just messing around with this type of thing a few weeks ago.
You will also need to add/configure the domain in your login-config.xml file.
Thank You. This solved the problem.
May be you can help me with another question:
I want to use client side certificate to authorize, my question is:
If i use CertRolesLoginModule as a login module for my security domain. Who is responsibele to pass the certificate to the CertRolesLoginModule. I saw that certificate is passed in the javax.security.auth.login.password. But who does this ? And also , how can i use custom fileds in certificate to assgin role ? The defualt is "distinguished name" ?