I am trying to run a java test program for my application in JBoss 3.0.4. The test application has 2 different subjects, one for "system" and one for "guest".
The authentication and login (JAAS and UsersRolesLoginModule) went OK for both subjects. I checked that the usernames and passwords were actually authenticated.
The problem is the propagation of subject from client to server with the "javax.security.auth.Subject.doAs(subject, action)". The last subject authenticated was guest, and even if I try to use the "system" subject, it is still "guest" on server side arrival.
It worked OK with WebLogic and "weblogic.security.Security.runAs".
I worked OK on WebLogic (weblogic.security.Security.runAs)