I'm surprised that you suggest such a complex hack. In fact, using static methods of the the JACC javax.security.jacc.PolicyContext object, you can use
| HttpServletRequest request = (HttpServletRequest)PolicyContext.getContext("javax.servlet.http.HttpServletRequest"); | Using javax.security.jacc.PolicyContext.getHandlerKeys(), in my LoginModule, I find PolicyContext has "javax.ejb.arguments" PolicyContext has "javax.servlet.http.HttpServletRequest". It is a org.apache.catalina.connector.RequestFacade PolicyContext has "javax.security.auth.Subject.container" PolicyContext has "javax.xml.soap.SOAPMessage" PolicyContext has "org.jboss.ejb.BeanMetaData" PolicyContext has "javax.ejb.EnterpriseBean" Most of the keys return null, only the "javax.servlet.http.HttpServletRequest" key returns anything. On Logout, I find PolicyContext has "javax.ejb.arguments" PolicyContext has "javax.servlet.http.HttpServletRequest". It is a org.apache.catalina.connector.RequestFacade PolicyContext has "javax.security.auth.Subject.container". It is a javax.security.auth.Subject PolicyContext has "javax.xml.soap.SOAPMessage" PolicyContext has "org.jboss.ejb.BeanMetaData" PolicyContext has "javax.ejb.EnterpriseBean" So, looks like you can find the Subject any time using the "javax.security.auth.Subject.container" key. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3915245#3915245 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3915245 ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user