Also, how does one log out? After using the container's authentication to call through to my LoginModule, my web app's logout processing then doesn't have access to the LoginContext to call the logout() method.
I suppose my LoginModule can put it into my user principal during login.... DOH! just looked, the LoginModule has no access to the LoginContext that called it! How can I possibly log out? Anyway... My user principal object (an application-specific Object which carries a lot of app-specific context) which goes into the "CallerPrincipal" Group of the Subject annoyingly has to extend org.jboss.security.SimplePrincipal. Why should this be? Surely, it just needs to implement java.security.Principal? Why does JBoss check that it's an instance of org.jboss.security.SimplePrincipal? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3913520#3913520 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3913520 ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
