Custom principal support did not work in 3.2.3, so you definitely need the latter versions.
There certainly is a fundament difference between web tier and ejb tier authentication. How likely is it that IE6.x is going to be able to provide custom credentials for an authentication mechanism? Even FORM auth is limited to a username and password. It has no notion of a principal as there is no definition of how to use JAAS at the servlet spec level. You would have to provide a custom implementation of the form authenticator and change the tomcat Realm interface to support a Principal as the authentication id. Its a limitation of tomcat org.apache.catalina.Realm security provider interface. A feature request to tomcat is needed to add better support for Principal identities. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3878489#3878489 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3878489 ------------------------------------------------------- This SF.Net email is sponsored by Oracle Space Sweepstakes Want to be the first software developer in space? Enter now for the Oracle Space Sweepstakes! http://ads.osdn.com/?ad_id=7412&alloc_id=16344&op=click _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
