Please post the entire exception stacktrace, your code and the custom login configuration. Which version of JBoss and Java are you using?
I guess I solved part of my problem by removing the security domain configuration I had on my jboss.xml. My understanding was that when I looked up a bean my application was initiating a new login process instead of using the one that was returned when I called the login method explicitly on my LoginContext.
Now is left for me to figure out why I get classCastException when I try to cast the principal to my custom principal
My understanding was totally wrong. Doing what I described in the last post logged me in as an anonymous user.
How should I look up a bean after login() in LoginContext succeeds?
You haven't yet posted any code or configurations, so i don't exactly know what might be wrong :-)
Sometime back, there was a similar thread where we had a discussion about securing EJBs and allowing only specific roles to have access to the methods. Read through this thread
http://www.jboss.com/index.html?module=bb&op=viewtopic&t=138382. The example is based on EJB2.x, but one reply in that thread has an EJB3 example.
If that does not help then post back with more details.
Thanks for your time. I figured out how to do this. I had some concepts misunderstood. My login-config.xml had some extra configurations that should not be there.