Hi, Currently, AFAIK LoginModulePlugin [1] interface is not ready to inject additional principals to the subject. I stumbled across this issue implementing an LDAP custom login module that should retrieve groups and roles during the authentication process.
I suppose that we can overwrite o.a.jackrabbit.core.security.authentication.AbstractLoginModule.getPrincipals() in PluggableDefaultLoginModule class. But this approach forces us to add the getPrincipals method into the LoginModulePlugin interface. I´m not sure if many people is using this interface but is there any trouble if I add getPrincipals to the LoginModulePlugin interface?. Rory or Vidar maybe?. Regards, Juanjo. [1] http://svn.apache.org/repos/asf/sling/trunk/bundles/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/security/LoginModulePlugin.java [2] http://svn.apache.org/repos/asf/sling/trunk/bundles/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/security/PluggableDefaultLoginModule.java
