I'm working on a larger JBoss based project (Client-Application and EJBs). Our system uses the regular database username/password mechanism to authenticate the user. This works fine. I'm now trying to add a way to additionale authenticate only using an id (a byte or String) to log into the server without the need of a password.
I tried to put the id into the username and then submitting it to a custom ServerLoginModule. I used a prefix to decide if the username is a real username or an id. Beside the fact that this is not the way a username should be handled my principal gets the id as the username even if I translate the id to the real username and create the SimplePrincipal-Object using this username. This causes many problems in futer calls to EJBs.
I think the best way would be to add another CallBack for the id but I didn't find any good documentation for this. This might not solve the username in Principal problem.
Can someone give me a hint where to start.