Rod Macpherson <[EMAIL PROTECTED]> wrote: > The cookies will be in the request header so if you have access to the > request in the custom login then a call to getCookies otta work fine.
That's just it, I don't have access to the cookies in the custom login module. Ideally, the HTTP request object should be tucked away in one of the Subject properties so it can be accessed from within the custom login module, but it's not. I'll dig into ITracker and post what I find. Since it looks like it is cross-platform (not just JBoss), I suspect they use some sort of "stick username into session" hack instead of using container based authentication... ken _______________________________________________ Join Excite! - http://www.excite.com The most personalized portal on the Web! ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user