Add real support for password-stacking (useFirstPass) in LDAPExtLoginModule --------------------------------------------------------------------------- Key: JBAS-2681 URL: https://jira.jboss.org/jira/browse/JBAS-2681 Project: JBoss Application Server Issue Type: Feature Request Security Level: Public(Everyone can see) Components: Security Affects Versions: JBossAS-4.0.3 SP1 Environment: All Reporter: Didier Kreutter Assignee: Andrew Oliver Attachments: LDAPAuth.patch, ldapextpatch It would be nice, we could use the "useFirstPass" option of this login-module, like it can be done with the DatabaseServerLoginModule. With the construct of the LDAPExtLoginModule, it is not possible to use the LDAP-Directory to search for Roles without having to validate the Password, if this has been done by an precedent LoginModule (DB or SSO). I think the problem is in the fact, that the effective Role-Search is done in the overridden "validatePassword" function... witch will never been called when the "useFirstPass" option is set. Is it Possible to fulfill the roles in the getRoleSets() function?