Ok, could be that the LoginModule de.danet.an.staffmgmt.jbossx.StaffMemberLoginModule 
you are using is not building an authenticated Subject the way JBoss is expecting it.

I'd suggest you to change the debug level of the org.jboss.security.auth.spi package 
to TRACE. With this you will be able to see more details about whats happening in the 
Login Module. Would be usefull if you make a followup with it.

Another thing: 
In your web tier if you do a 'request.getUserPrincipal()' what is the result ? 
Do you get 'null' or a valid Principal ? 
If you get 'null' here don't expect the Security Manager in your EJB tier, to know 
which is the username to be used when invoking the login module.

Regards.
Gianluca.
 

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3853132#3853132

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3853132


-------------------------------------------------------
This Newsletter Sponsored by: Macrovision 
For reliable Linux application installations, use the industry's leading
setup authoring tool, InstallShield X. Learn more and evaluate 
today. http://clk.atdmt.com/MSI/go/ins0030000001msi/direct/01/
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to