I am having a problem with getting the WebAuthentication capablity in JBoss 5.1 to work correctly. I have written a custom login module that is correctly getting called with the code below. However, after the call below, methods such as getRemoteUser() and getUserPrincipalName() are still empty. Is there something that I need to do in the login module to have these values work? I have implemented the Login() and commit() methods on my custom login module.
WebAuthentication webAut = new WebAuthentication();
If I try to use Form Base Authentication, everything work correctly. a Subject is returned with the correct values.
probably the authorization is not going through. Have you extended the login module from JBoss AbstractServerLoginModule?
We need a java.security.acl.Group instance in the subject called "Roles" for security to work.