Hi

I have created a custom login module, and i want to expose the module options to the web application. For that i am using this approach:

try {

     HttpServletRequest request = (HttpServletRequest) PolicyContext.getContext("javax.servlet.http.HttpServletRequest");

     request.getSession().setAttribute("nDevLoginModuleOptions", moduleOptions);

                    } catch (Exception e) {

     log.error("Unable to store the login module options in http session");

     log.error(e.getMessage());

                    }

In a jboss 7.1.2 server i was getting an ClassDefNotFound for PolicyContext; i was looking for a good solution and found some, involving a custom Form Authenticator and some other things; but finally i came up with this:

<module xmlns="urn:jboss:module:1.1" name="com.ndeveloper.security">

  <resources>

    <resource-root path="ndev-security.jar"/>

  </resources>

   <dependencies>

    <module name="org.picketbox"/>

    <module name="javax.api"/>

    <module name="org.jboss.logging"/>

    <module name="javax.security.jacc.api"/>

    <module name="javax.servlet.api"/>

  </dependencies>

</module>

As you see, i made my module dependant of javax.security.jacc.api and javax.servlet.api; and now, it works fine

My question is, is there any drawback to this approach ???