
Jakarta EE Security - Using Multiple Identity Stores / Passing Requested Role


I have an app with multiple user types (roles), each stored in different tables in the same SQL DB and each has its own login page. To implement this using Jakarta EE 8 security API I see I have two options:

  1. Define multiple IdentityStores, one for each role

  2. Pass the requested role via the securityContext.authenticate(...) method and have a single identity store that chooses which database table to query.

The problem is that for 1) I don't know how to 'select' an IdentityStore; it seems I can only set the priority, which means cycling through them all until one is successful, which is not very efficient. It also does not allow me to have duplicate usernames with different roles.

For 2) the only way I can see this being possible would be to concatenate the username with the role so it's included in the UsernamePasswordCredential (e.g. adminRole:john.doe@hotmail.com), but this also seems wrong.

Am I missing a trick?


Solution

  • In the end I achieved this by setting attributes on the request object which is passed to the IdentityStore.
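
One way the request-attribute approach in the solution could look, written as an added example and not the poster's code. It assumes Jakarta EE 8 (javax namespace), with the backing bean of each login page calling request.setAttribute(...) server-side before securityContext.authenticate(...). The attribute name, table and column names, and the JNDI name are assumptions.

```java
import java.sql.*;
import java.util.*;
import javax.annotation.Resource;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.security.enterprise.credential.UsernamePasswordCredential;
import javax.security.enterprise.identitystore.*;
import javax.servlet.http.HttpServletRequest;
import javax.sql.DataSource;

@ApplicationScoped
public class RoleAwareIdentityStore implements IdentityStore {
    // Request attribute name (assumed). Set by the login page's backing bean,
    // never copied from a client-supplied parameter.
    public static final String ROLE_ATTR = "app.requestedRole";

    // Allow-list of role -> table (assumed names). The attribute is only a lookup
    // key; the text that reaches the SQL string is one of these constants.
    private static final Map<String, String> TABLES = new HashMap<>();
    static {
        TABLES.put("admin", "admin_users");
        TABLES.put("customer", "customer_users");
    }

    @Inject private HttpServletRequest request;  // CDI proxy to the current request
    @Inject private Pbkdf2PasswordHash hash;
    @Resource(lookup = "java:app/jdbc/appDS") private DataSource ds;  // assumed JNDI name

    // The default IdentityStore.validate(Credential) dispatches to this overload.
    public CredentialValidationResult validate(UsernamePasswordCredential c) {
        Object role = request.getAttribute(ROLE_ATTR);
        String table = (role instanceof String) ? TABLES.get(role) : null;
        if (table == null) return CredentialValidationResult.INVALID_RESULT; // fail closed
        String sql = "SELECT password_hash FROM " + table + " WHERE username = ?";
        try (Connection con = ds.getConnection();
             PreparedStatement ps = con.prepareStatement(sql)) {
            ps.setString(1, c.getCaller());
            try (ResultSet rs = ps.executeQuery()) {
                if (rs.next() && hash.verify(c.getPassword().getValue(), rs.getString(1))) {
                    // The group comes from the allow-listed key, not from user input.
                    return new CredentialValidationResult(c.getCaller(),
                            Collections.singleton((String) role));
                }
            }
        } catch (SQLException e) {
            throw new IllegalStateException("identity store lookup failed", e);
        }
        return CredentialValidationResult.INVALID_RESULT;
    }
}
```

Because the table is chosen per request, the same username can exist in several tables without collision, and only one store is consulted per login.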