1 Reply Latest reply on May 8, 2013 11:31 AM by urvish parikh

    Jaas security context

    urvish parikh Newbie



      Currently we are using spring security for the authentication and authorization.

      After successful authenticaiton we use the SecurityContetLoginModule (JAAS login) to generate the subject based on the spring security context.

      Subject created without any issues which contains principal and roles.


      We are using JBoss 5.1.0.GA.

      Question is how to provide this JAAS context to web container? As subject is not propagated to container all requests are fail?

      How to retreive getPrincipal a non null value after JAAS login?


      I have exactly similar situation.


      Q7: Why does getUserPrincipal/getPrincipal return null after a JAAS login


      A7: The only time getUserPrincipal/getPrincipal return a non-null value is when the user has authenticated to the container. Doing a JAAS login from within a servlet/ejb method is simply executing an independent authentication against the corresponding JAAS login configuration.



      Thx in advace !