Hi All, This subject has been raised in the past many times. I have gone through almost all, but none could solve my problem. Also to mention that, those discussions were on earlier versions of JBoss.
I am using JBoss v 4.0.2,.I have implemented form-based authentication, in which the form submits to a Servlet which performs the authentication. Without any problem, the login happens, however I am getting request.getUserPrincipal() as null. I also check for the roles, that always return false even for the successful logins (This must be obvious, as principal is null. If not please do explain that too!) Below are my code snippets: ******************* Login Servlet ****************************** public class LoginServlet extends HttpServlet | { | public void doPost(HttpServletRequest request, HttpServletResponse | response) throws IOException | | { // ... | | SecurityAssociationHandler handler = new SecurityAssociationHandler(); | Principal user = new SimplePrincipal(username); | handler.setSecurityInfo(user, password.toCharArray()); | | try | { | LoginContext loginContext = new LoginContext("ODBCRealm", | (CallbackHandler)handler); | loginContext.login(); | Subject subject = loginContext.getSubject(); | Set principals = subject.getPrincipals(); | principals.add(user); | | title = "Login Suceess"; | message="<h1>Login Success</h1>"; | message = message + "<br/>Hi "+request.getUserPrincipal()+" !"; | message = message + "Servlet: : You belong to the following roles:<br/> <blockquote><ol>"; | if(request.isUserInRole("admin")) | { | message = message +"<li>admin,</li> "; | } | | if (request.isUserInRole("loginUser")) | { | message = message +"<li>loginUser, </li>"; | } | if (request.isUserInRole("role1")) | { | message = message +"<li>role1,</li> "; | } | message = message+"</ol></blockquote>"; | } | catch (LoginException le) | { | title = "Login Failed"; | message="<h1>Login Failed</h1>"; | } | response.setContentType("text/html"); | PrintWriter out = response.getWriter(); | out.println("<html><head><title>"+title+"</title><body>"+message+"</body></h | tml>"); | | } | } ************* login-config.xml ******************************* <policy> | | <application-policy name = "client-login"> | <authentication> | <login-module code = "org.jboss.security.ClientLoginModule" | flag = "required"> | </login-module> | </authentication> | </application-policy> | | <application-policy name="ODBCRealm"> | <authentication> | <login-module | code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required"> | <module-option name="dsJndiName">java:/ODBCDS</module-option> | <module-option name="principalsQuery"> | Select Password from Principals where PrincipalID = ?</module-option> | <module-option name="rolesQuery"> | Select Role 'Roles', RoleGroup 'RoleGroups' from Roles where | PrincipalID =?</module-option> | </login-module> | </authentication> | </application-policy> | | <authentication> | <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule" | flag = "required" /> | </authentication> | </application-policy> | | <!?Standard tags shipped with JBoss are intact --> | | </policy> This much code may be enough. If more is required, do ask me. Also there was no error message in the logs. Any help in this regard would be appretiated Thanks in advance View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3902759#3902759 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3902759 ------------------------------------------------------- This SF.Net email is sponsored by: Power Architecture Resource Center: Free content, downloads, discussions, and more. http://solutions.newsforge.com/ibmarch.tmpl _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user