Wonne, As far as I know, I don't think this is going to be possible in the immediate future. The web container uses an AuthenticationManager that it looks up in the ENC to authenticate users, and the only method that is exposed by that entity is isValid (Principal p, Object credential).
The principal that is used by the web container is always the JBossUserPrincipal. The info from the principal is extracted by the security backend during the isValid() call, which will invoke your custom login module if the subject/principal has not yet been authenticated or isn't in the cache. Your custom classes only ever interact with the security backend, and never with the web container directly. So, I don't really think we could provide access to your custom principal from the web layer without changes to the JBoss security layer. Of course, as always, Scott may have some further insight into this ... cheers, Jan >I am using custom JAAS loginmodule for both my web and ejb container, which >>authenticates just fine. The login module creates a custom Principle with >some >application specific attributes. >I now want to access that custom Principal object from within my web >container, but >request.getUserPrincipal only returns an >>org.jboss.jetty.security.JBossUserRealm$JBossUserPrincipal. >How can I acces our customized principal? Is it possible? -- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. ------------------------------------------------------- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user