I have JBOSS with jsf + seam web-application. Previously I work with auth by <login-config> FORM type auth with own LoginModule work over JAAS. To protected web pages uses <security-constraint> by roles.
Now need integration with CAS.
I add CAS-Server web-app to project and implement cas-client to my wep-app, but if I use <security-constraint> session for my web-app do not have a remote user, without <security-constraint> - all fine, cas-server put remote into session.
May anybody help me? Why if I use <security-constraint> session not have remote user or why it`s cleared?