I am implementing my first JAAS implementation and have some problems/questions.
Firstly, the commit method of my LoginModule does the following (User and Role both implement Principal):

    // Create a new User Principal with the user name retrieved from the NameCallback
    User user = new User(username);
    // Add the principal to the subject
    subject.getPrincipals().add(user);
    for (int i = 0; i < roles.length; i++) {
        // Iterate the role names retrieved from the database lookup
        String roleName = roles[i];
        // Create a new Role Principal with the role name
        Role role = new Role(roleName);
        // Add it to the public credentials to see if it works
        subject.getPublicCredentials().add(role);
        // Add it to the private credentials to see if it works
        subject.getPrivateCredentials().add(role);
    }
    return true;

In the JSP that the application returns to after doing form-based authentication, the following occurs:

    <p>Subject = <%= Subject.getSubject(AccessController.getContext()) %></p>
    <p>Remote User = <%= request.getRemoteUser() %></p>
    <p>User Prinicipal = <%= request.getUserPrincipal() %></p>

But this produces:

    Subject = null
    Remote User = administrator
    User Prinicipal = GenericPrincipal[administrator()]

Why is the subject null please? The request.isUserInRole() methods for the role names I added to the subject also return false... Has anyone got some helpful ideas please? If more source is needed I can gladly provide it if it will help.