after I sucessfully login, i do a request.getCallerPrincipal() call and get the authenticated principal.
This is not the same object type as the principal I created in my LoginModule. Shouldn't it be? If not, why are Principal objects created in the LoginModules?
a little more detail....
I created my own Principal class and named it J2EEPrincipal. If i do an instanceof on the returned principal from the httpServletRequest.getUserPrincipal() it is not my J2EEPrincipal type.