Jackrabbit ignores my LoginModule, insists on using default JBoss one

["John D. Ament" <jo...@gmail.com>]

So my environment.

JBoss 5.1 on SLES 10.2
Jackrabbit is embedded in my app, and I am bootstrapping it myself via a
servlet context listener.  I have no need for JNDI based binding right now,
though I am considering it.

My issue is that when you first attempt to access the repository, it's using
the default JBoss login module, instead of mine.  In my repository.xml it is
marked correctly as the custom one I wrote, however, when it attempts to
load I see the following:

Caused by: javax.jcr.LoginException: Missing users.properties file.: Missing
users.properties file.: Missing users.properties file.
        at
org.apache.jackrabbit.core.RepositoryImpl.login(RepositoryImpl.java:1363)
        at
org.apache.jackrabbit.core.TransientRepository.login(TransientRepository.java:328)
        at
org.apache.jackrabbit.core.TransientRepository.login(TransientRepository.java:353)
        ... 79 more
Caused by: javax.security.auth.login.LoginException: Missing
users.properties file.
        at
org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:148)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at
javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
        at
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
        at
javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
        at java.security.AccessController.doPrivileged(Native Method)
        at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
        at
javax.security.auth.login.LoginContext.login(LoginContext.java:579)
        at
org.apache.jackrabbit.core.security.authentication.JAASAuthContext.login(JAASAuthContext.java:60)

Which to me looks like my configuration is still somehow pointing out the
JAAS based ones instead, in login-config.xml

Here's an excerpt of my repository.xml:

        <SecurityManager
class="org.apache.jackrabbit.core.security.simple.SimpleSecurityManager"
workspaceName="security">
            <!--
            workspace access:
            class: FQN of class implementing the WorkspaceAccessManager
interface
            -->
            <!-- <WorkspaceAccessManager class="..."/> -->
            <!-- <param name="config" value="${rep.home}/security.xml"/> -->
        </SecurityManager>

        <!--
            access manager:
            class: FQN of class implementing the AccessManager interface
        -->
        <AccessManager class="my.custom.FakeSSOAccessManager">

            <!-- <param name="config" value="${rep.home}/access.xml"/> -->
        </AccessManager>

        <LoginModule class="my.custom.FakeSSOLoginModule">
           <!--
              anonymous user name ('anonymous' is the default value)
            -->
           <param name="anonymousId" value="anonymous"/>
           <!--
              administrator user id (default value if param is missing is
'admin')
            -->
           <param name="adminId" value="admin"/>
        </LoginModule>


Any ideas/tips on this?

Thanks!

John