users@glassfish.java.net

Re: Get a session object after login with Realm

From: <glassfish_at_javadesktop.org>
Date: Thu, 12 Mar 2009 01:21:51 PDT

If this has to be done in the loginmodule, then the protected member _subject of AppservPasswordLoginModule could be used :

_subject.getPublicCredentials().add("email");

To do this outside the realm/loginmodule in the calling application ,

SecurityContext.getCurrent().getSubject().getPublicCredentials().add("email")

could be used. However if this is used within the realm/loginModule before the authentication process is completed, the default security context with the read only Subject is returned and throws an error, which was originally observed..

HTH
Nithya
[Message sent by forum member 'nitkal' (nitkal)]

http://forums.java.net/jive/thread.jspa?messageID=336565