Hi, Let me explain the problem before I publish my code. I have configured web.xml file with the security constrains--I have configures the database structure in the way the JBoss JAAS requires--I have configured the login-config.xml file. I have problems to login with an user having specific roles. In my web.xml file, if I have a specific role as shown in the code below then the user will not be able to login. He gets the resource not available error message
<auth-constraint> <role-name>admin</role-name> </auth-constraint> If I remove the role constrain by setting <role-name>*</role-name> in web.xml file then the user is able to get the web page. I have been trying to resolve this from past 2 weeks. Could any one of you please help me with this issue? Here are the respective codes 1. Web.xml <security-constraint> <web-resource-collection> <web-resource-name>Secure Content</web-resource-name> <url-pattern>/jsf/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>admin</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/logon.faces</form-login-page> <form-error-page>/error.faces</form-error-page> </form-login-config> </login-config> <security-role> The role required to access restricted content <role-name>admin</role-name> </security-role> 2. login-config.xml <application-policy name="sam"> <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required"> <module-option name="dsJndiName">java:ds/sam</module-option> <module-option name="principalsQuery">select password from users where username=?</module-option> <module-option name="rolesQuery">select Role, RoleGroup from Roles where username=?</module-option> </login-module> </application-policy> 3. Database tables. CREATE TABLE users ( username varchar(64) default NULL, password varchar(64) default NULL ) ; INSERT INTO users (username, password) VALUES ('admin','admin'); CREATE TABLE Roles ( username varchar(64) NOT NULL, Role varchar(32) NOT NULL, RoleGroup varchar(32) NOT NULL ); INSERT INTO Roles (username, Role, RoleGroup) VALUES ('admin','admin', 'admin'); 4. Jboss verion is jboss-4.0.3SP1, Database is PostgresSQL8.1 Please let me know if there are any details that I have missed out. Thank you, VinodRamu View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3938171#3938171 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3938171 ------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user