I've got a situation where the context-root of each of a number of web applications should be used as part of the WHERE clause in the principalsQuery of a database login module. Specifically, I have a number of web applications that should share a single login module. But when the query to find the principal is done, it should include part of the URI of the request that triggered the query.
In this way, user names need not be unique across all deployed web applications, even though these applications share a single login module and a single authentications table. Note that all these applications access the same EJBs.
There seem to me to be two possible routes here:
1. Have a different security-domain / application-policy for each application - but would I have to edit login-config.xml and restart JBoss each time I added a new application?
2. Write a custom login module - but how can this custom login module find the URI of the original request? I've written and tested a sample module that reproduces the behavior of the DatabaseServerLoginModule, but I can't see how to access this information.
What's the most elegant solution here? I would very much appreciate any advice.