There's no guarantee that what you get returned will be an instance of the principal class used in the login module. It just represents the principal as mapped to the application domain.
If you want direct access the principals as defined in the operational environment, then your best plan is probably to use the Subject. There is an example of how to do this in the following article:
I had the same problem but when i added the 'CallerPrincipal' group to my custom loginmodule I got my custom principal.
My commit() method in my custom loginmodule now looks like:
//Method to commit the authentication process (phase 2).
public boolean commit()
if(m_Subject != null)
Set principals = m_Subject.getPrincipals();
Set roles = m_Subject.getPublicCredentials();
if(principals != null && roles != null)
principals.add(new UserPrincipal(new SnapshotPK(this.m_ID), m_Username));
// Set the rules for this principal in the 'Rules' group
Group group = new SimpleGroup("Roles");
// Set the Principal class returned from a call to m_CTX.getCallerPrincipal()
Group callerPrincipalGroup = new SimpleGroup("CallerPrincipal");
callerPrincipalGroup.addMember(new UserPrincipal(new SnapshotPK(this.m_ID), m_Username));
I hope this can help you!
Better late than never !
ist it possible to use this method on client side, i.e. in my servlet?