It is build in into JBoss 3.2.4 and thus also 3.2.5. I have an application working with my own Principal on both 3.2.4 and 3.2.5. I added a <module-option name="PrincipalClass>xxx.MyPrincipal</module-option>
If you also want to access your the xxx.MyPrincipal in the webserver environment you need to write you're own LoginModule and add an extra Group to the getUserRoles() method like: | ... | SimpleGroup callerPrincipal = new SimpleGroup("CallerPrincipal"); | callerPrincipal.addMember(getIdentity); | ... | I'm not sure if I wrote the configuration and java code 100% correct, cause i type what i remember, i don't have an example available right here. If you have still a problem with the new SimplePrincipal which is created in the login method, why don't you override this login method in you're own LoginModule and fix it you're self. Even all this there is still one moment where a SimplePrincipal is instantiated and where I also don't have a solution and that is the moment a user logs into on the webserver (tomcat). Inside tomcat a new SimplePrincipal is created and passed to JBoss, after authentication in your LoginModule this SimplePrincipal is changed into your xxx.MyPrincipal. I think the only solution here is to write you're own Realm for Tomcat/JBoss or implement your own JAAS sercurity. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3842117#3842117 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3842117 ------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user