[jboss-user] [Security] - AdvancedLdapLoginModule - get groups

I successfully integrated the SPNEGO authentication module. In my application, I see that req.getUserPrincipal() returns the userid of the user logged into the Windows machine (e.g., jdoe(a)mycom.com). How do I find out if this user belongs to a specific AD group? (note: I have the group name I'm looking for) I'm accustom to using req.isUserInRole(aRole) but it appears I can put any value in here and it returns "false". I tried integrating the Advanced LDAP Login Module (chained configuration) per the JBoss Negotiation users guide. The integration worked but still the same result - req.isUserInRole() returns false. Is this the purpose of the Advanced LDAP Login Module or am I mis-interpreting why I would use it? Do I need to write my own JAAS module? Thanks! View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4266169#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...