I have a working application on JBoss 4.2.1 using the ClientLoginModule and the LdapExtLoginModule.

I am trying to replace the ClientLoginModule with the BaseCertLoginModule. My authentication seems to pass the ClientLoginModule and the LdapExtLoginModule. However, the problem I am having is that the LdapExtLoginModule does not appear to be adding any roles.

In fact, when examining the source code for the LdapExtLoginModule, it appears that the validatePassword method never gets called. This method seems to retrieve the roles. This is happening because I have password stacking on and the login method returns early.

Has anyone done this type of thing before? I need Authentication to happen with the cert and Authorization to happen with the LDAP.

Thanks

Bill.