Was curious to know if anyone has written a client side JAAS login module that uses Hibernate in a truly distributed application. That is, caching the principal for later use via the ClientLoginModule and another custom login module to perform the actual authentication.

Currently our login consists of the creation of a LoginContext that upon login
will simply cache the principal for use later by EJB invocations (via the ClientLoginModule).

Our authentication doesn't actually take place until we make an EJB method invocation. So here we have an empty SLSB method that is called to perform our JAAS authentication.

What we'd like is to be able to create a JAAS login module that would authenticate the user on the server side when we perform our . We'd then like to be able to perform operations like loginContext.getSubject().getPrincipals() to access our custom principal objects.

I don't think the wiki on JAAS login modules addresses my issue because it doesn't necessarily deal with a distributed client. It is more likely a single VM web application.

Regards,
Roll

In case my previous post wasn't clear:

What we are looking for is a custom client login module that when configured correctly on the client side, would authenticate the user on the server-side when the



method is invoked. I've heard of others using some sort of remote proxy for server-side login modules, but haven't seen any documentation for direction in this area.