[jboss-user] [Security & JAAS/JBoss] - Re: SecurityAssociationCallback returns NULL-Principal in 5.

Hello anil, thanks for your answer. So, i understood my CustomLoginModule is responsible to assign the principal to the 'LisaUser'-role in the commit-phase. But in the login-phase, i can't get the principal from the SecurityAssociationCallback, which works in 4.0.3SP1. In detail, i call a getUserNameAndPassword() method /** | * Gather username (principal) and password from callbackhandler which should be authenticated | * | * @return see main descritption | * @throws LoginException | */ | @Override | protected Object[] getUsernameAndPassword() throws LoginException | { | Object[] info = { null, null }; | // prompt for a username and password | if (callbackHandler == null) | { | throw new LoginException("Error: no CallbackHandler available " + "to collect authentication information"); | } | LOG.debug("Current callbackHandler " + callbackHandler.toString()); | | SecurityAssociationCallback callback = new SecurityAssociationCallback(); | Callback[] callbacks = { callback }; | String username = null; | try | { | callbackHandler.handle(callbacks); | | Principal principal = callback.getPrincipal(); | LOG.debug("'getUsernameAndPassword()' found Principal " + principal); | if (principal != null) | { | m_identity = principal; | username = m_identity.getName(); | } | | char[] tmpPassword = (char[]) callback.getCredential(); | if (tmpPassword != null) | { | m_credential = new char[tmpPassword.length]; | System.arraycopy(tmpPassword, 0, m_credential, 0, tmpPassword.length); | callback.clearCredential(); | } | } | catch (IOException e) | { | LoginException le = new LoginException("Failed to get username/password"); | le.initCause(e); | throw le; | } | catch (UnsupportedCallbackException e) | { | LoginException le = new LoginException("CallbackHandler does not support: " + e.getCallback()); | le.initCause(e); | throw le; | } | info[0] = username; | info[1] = m_credential; | LOG.debug("Found username: " + username); | return info; | } | The SecurityAssociationCallbackHandler returns my CustomPrincipal, which i need for additional login information. But in 5.0.x.GA it returns null. After that in the commit phase a the getRoleSet() will be called, where the principal would be assigned to the role if its not null. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4216017#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...