I have written my own custom login module which is working fine. This returns a custom principal instead of the SimplePrincipal which has an additional organisation attribute.
However I was thinking in my EJB I could cast down to my custom principal and access the organisation accessor. e.g
CustomPrincipal caller = (CustomPrincipal)(this.sessionContext.getCallerPrincipal());
However I am getting a classcast exception as it appears I am still using SimplePrincipal.
I think I I need to amend the ClientLoginModule to return this as well. Is this what everyone would expect?
I have looked at the code for the ClientLoginModule and I assume I need to create a new callback to gather the organisation, construct my custom principal and provide this in the SecurityAssociation.setPrincipal call.
However I am unsure if I need to invoke SecurityAssociation.setCredential(password) why is this used?
Any help is much appreciated.