Hi, Your link is referring to 2 kinds of modules: - The JAAS login module, which can be viewed as a shiro authentication realm in the JAAS security framework (more or less as a JAAS login module can also handle user interaction during the authentication). - The Jboss AS 7 module system that is used to achieve modular classloading. And in your link: a JAAS login module is deployed as a JBoss AS 7 module (Java guys like modular stuff...).
So I guess, you're asking about hints of using Shiro behind JAAS, if so, you can try this link: http://stackoverflow.com/questions/5736077/how-can-i-delegate-jaas-authorization-checks-to-shiro Personnaly, I wouldn't recommend such a thing, you will end up with lots of hacks and will loose the ability to use most of the more interesting shiro features. Moreover, if both JAAS and Shiro are java security frameworks, I don't think their targets/scopes are the same: JAAS is more a low-level, container-wide security framework whereas Shiro is more high-level, application-wide. -- View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-as-a-module-in-JBoss-7-tp7578798p7578799.html Sent from the Shiro User mailing list archive at Nabble.com.
