Yes, you're right. The third party's app. LoginModule adds a AppUserPrincipal (which extends the GeronimoGroupPrincipal class) to the Subject's principals, just like the PropertyFileLoginModule example you've shown to me.
But that doesn't explain why I end up with a JAASTomcatPrincipal on the to-be-replicated session unless there is some wrapping down the chain. I've read the links you've given me but I'm still in the dark regarding this one. Cheers, Mircea. -- View this message in context: http://n3.nabble.com/DeltaManager-only-support-GenericPrincipal-Your-realm-used-principal-class-org-apache-geronimo-tomcal-tp443671p445415.html Sent from the Users mailing list archive at Nabble.com.