// Check user first
JmsCred cred = JmsCred.getJmsCred(mcf,subject,info);
// Null users are allowed!
if (user != null && !user.equals(cred.name))
throw new SecurityException
("Password credentials not the same, reauthentication not allowed");
if (cred.name != null && user == null) {
throw new SecurityException
("Password credentials not the same, reauthentication not allowed");
}
user = cred.name; // Basically meaningless