2 Replies Latest reply on Apr 28, 2003 5:52 PM by Peter Doornbosch

    custom principal in jboss-3.0.4_tomcat-4.1.12

    sanjay Newbie

      (jboss 3.0.4 + tomcat 4.1.12 embedded)

      I need to capture extra user info during login and I have implemented a custom principal + JAAS based custom login module as suggested by scott stark.
      My custom login module extends org.jboss.security.auth.spi.AbstractServerLoginModule and my custom principal extends org.jboss.security.SimplePrincipal and I have followed all the instructions in several posts on this forum.
      I have debugged extensively and found that I add roles and my custom principal correctly to the subject in commit()

      The login itself works great but I always get back a org.jboss.security.SimplePrincipal object instead of my custom principal when I do request.getUserPrincipal() in my jsp page.
      It appears that code in JBossSecurityMgrRealm.java always creates & stores an org.jboss.security.SimplePrincipal object and disregards my custom principal?

      I was wondering if anyone else has successfully tried doing this and got back a custom principal in request.getUserPrincipal()?

      I also found that Tomcat stand-alone works as expected (ie: request.getUserPrincipal() returns my custom principal) and I suspect this issue exists only in the embedded jboss+tomcat?

      -Sanjay