Il Dima,
In the web.xml there is a tag for security-roles. This needs to be the same as
the user's role returned in the authentication query, as the user needs to be
authorised to access the resource, as well as authenticated
In web.xml:
<security-role>
<role-name>user</role-name>
</security-role>
In login-config:
<login-module
code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
<module-option name="unauthenticatedIdentity">guest</module-option>
<module-option name="dsJndiName">java:/mySQL</module-option>
<module-option name="principalsQuery">select Password from Principals
where PrincipalID=?</module-option>
<module-option name="rolesQuery">select Role,RoleGroup from Roles
where PrincipalID=?</module-option>
</login-module>
Hope this helps..
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3912790#3912790
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3912790
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user
