[jboss-user] [Security & JAAS/JBoss] - Re: SimplePrincipal ClassCastException

clevelam do-not-reply at jboss.com
Thu Oct 30 19:41:10 EDT 2008

Moving my LoginModule to a seperate JAR still does not work.   I have one correction.   The classcastexception does not occur in the CustomLoginModule.  It occurs in a servlet(spring controller)   that has access to the httprequest object.

The following calls: request.getUserPrincipal().getClass()  returns an object of type: org.jboss.security.SimplePrincipal

Where as I am expecting my custom class.  I have updated login-config as follows:

<application-policy name = "xxx-Domain">

<login-module code="xxx.xxx.CustomLoginModule"
             flag = "required">
<module-option name="principalClassName">
<module-option name="principalClass">


I am also using JBoss' WebAuthentication class to have JAAS authentication work with programmatic security.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4185854#4185854

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4185854

More information about the jboss-user mailing list