What I try to do is:

Programatically establish an indentity in a servlet and propagate it to be disposable to all the web applications on the same realm.

(I have to do it programatically for: http://www.jboss.com/index.html?module=bb&op=viewtopic&t=102853
The code of my servlet is:

 try {
 UsernamePasswordHandler handler = new UsernamePasswordHandler("XXX", "XXX");
 LoginContext lc = new LoginContext("MyDomain", handler);
 lc.login();

 }catch(Exception e ) {
 e.printStackTrace();
 }

And the log that I get is:

DEBUG (MyLoginModule.java.java:98) - login()
INFO (MyLoginModule.java.java:151) - User XXX ok with role YYY
TRACE (org.jboss.security.ClientLoginModule.ClientLoginModule.java:103) - Security domain: MyDomain
TRACE (org.jboss.security.ClientLoginModule.ClientLoginModule.java:121) - Enabling restore-login-identity mode
TRACE (org.jboss.security.ClientLoginModule.ClientLoginModule.java:130) - Enabling useFirstPass mode
TRACE (org.jboss.security.ClientLoginModule.ClientLoginModule.java:139) - Begin login
TRACE (org.jboss.security.ClientLoginModule.ClientLoginModule.java:223) - commit, subject=Asunto:
 Principal: XXX
 Principal: Roles(members:YYY)

TRACE (org.jboss.security.SecurityAssociation.SecurityAssociation.java:460) - pushSubjectContext, subject=Asunto:
 Principal: XXX
 Principal: Roles(members:YYY)

This is the debug code I get just after lc.login() in my servlet.



The problem is that then when the servlet ends I had this stacktrace:

ApplicationFilterChain.internalDoFilter(ServletRequest, ServletResponse) line: 252
ApplicationFilterChain.doFilter(ServletRequest, ServletResponse) line: 173
ReplyHeaderFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 96
ApplicationFilterChain.internalDoFilter(ServletRequest, ServletResponse) line: 202
ApplicationFilterChain.doFilter(ServletRequest, ServletResponse) line: 173
StandardWrapperValve.invoke(Request, Response) line: 213
StandardContextValve.invoke(Request, Response) line: 178
SecurityAssociationValve.invoke(Request, Response) line: 175
BasicAuthenticator(AuthenticatorBase).invoke(Request, Response) line: 432
JaccContextValve.invoke(Request, Response) line: 74
StandardHostValve.invoke(Request, Response) line: 126
ErrorReportValve.invoke(Request, Response) line: 105
CachedConnectionValve.invoke(Request, Response) line: 156
SingleSignOn.invoke(Request, Response) line: 392
StandardEngineValve.invoke(Request, Response) line: 107
CoyoteAdapter.service(Request, Response) line: 148
Http11Processor.process(InputStream, OutputStream) line: 869
Http11Protocol$JmxHttp11ConnectionHandler(Http11BaseProtocol$Http11ConnectionHandler).processConnection(TcpConnection, Object[]) line: 664
PoolTcpEndpoint.processSocket(Socket, TcpConnection, Object[]) line: 527
MasterSlaveWorkerThread.run() line: 112
ThreadWithAttributes(Thread).run() line: 595

And when the arrives at BasicAuthenticator I get:

popRunAsIdentity, runAs=null

and then:

2007-02-28 17:43:17,688 TRACE (org.jboss.security.SecurityAssociation.SecurityAssociation.java:555) - clear, server=true

It looks as if the credential are deleted, aren't they?

The login-config.xml has:

 <application-policy name="MyDomain">
 <authentication>
 <login-module code="MyModule"
 flag = "required">
 <module-option name="password-stacking">useFirstPass</module-option>
 </login-module>

 <login-module code="org.jboss.security.ClientLoginModule" flag="required">
 <module-option name="password-stacking">useFirstPass</module-option>
 <module-option name="restore-login-identity">false</module-option>
 </login-module>

 </authentication>
 </application-policy>

Please, please, please,...... someone can help in this nigthmare?¿

PD: All is to try to solve the problem I also explain in :