User not in required role...
l.g. Jul 26, 2002 5:44 PM[ENV: jboss-3.0 , RedHat 7.3, Oracle 7.3]
I'm trying to implement JAAS security for my application and I got 3 problems:
Problem 1: ================================
 Error in browser: HTTP ERROR: 403 User not in required role
Error in console:
2002-07-27 01:15:36,818 INFO [org.jboss.jetty.Jetty] JSP: init
2002-07-27 01:15:49,996 DEBUG [org.jboss.jetty.security.JBossUserRealm#Model] JBossUserPrincipal: fund_adv
2002-07-27 01:15:50,007 DEBUG [org.jboss.jetty.security.JBossUserRealm#Model] created JBossUserRealm::JBossUserPrincipal: fund_adv
2002-07-27 01:15:50,009 DEBUG [org.jboss.jetty.security.JBossUserRealm#Model] authenticating: Name:fund_adv Password:****
2002-07-27 01:15:50,365 DEBUG [org.jboss.jetty.security.JBossUserRealm#Model] authenticated: fund_adv
2002-07-27 01:15:50,368 DEBUG [org.jboss.jetty.security.JBossUserRealm#Model] setting JAAS subjectAttributeName(j_subject) : Subject:
 Principal: fund_adv
 Private Credential: javax.resource.spi.security.PasswordCredential@40000000
2002-07-27 01:15:50,391 DEBUG [org.jboss.jetty.security.JBossUserRealm#Model] authenticating: Name:fund_adv Password:****
2002-07-27 01:15:50,392 DEBUG [org.jboss.jetty.security.JBossUserRealm#Model] authenticated: fund_adv
2002-07-27 01:15:50,395 DEBUG [org.jboss.jetty.security.JBossUserRealm#Model] JBossUserPrincipal: fund_adv is NOT in Role: Java
2002-07-27 01:15:50,398 WARN [org.jboss.jetty.Jetty] WARNING: AUTH FAILURE: role for fund_adv
2002-07-27 01:15:50,662 DEBUG [org.jboss.jetty.security.JBossUserRealm#Model] JBossUserPrincipal: fund_adv
2002-07-27 01:15:50,664 DEBUG [org.jboss.jetty.security.JBossUserRealm#Model] authenticating: Name:fund_adv Password:****
2002-07-27 01:15:50,665 DEBUG [org.jboss.jetty.security.JBossUserRealm#Model] authenticated: fund_adv
2002-07-27 01:15:50,667 DEBUG [org.jboss.jetty.security.JBossUserRealm#Model] setting JAAS subjectAttributeName(j_subject) : Subject:
 Principal: fund_adv
 Private Credential: javax.resource.spi.security.PasswordCredential@40000000
2002-07-27 01:15:50,684 DEBUG [org.jboss.jetty.security.JBossUserRealm#Model] authenticating: Name:fund_adv Password:****
2002-07-27 01:15:50,684 DEBUG [org.jboss.jetty.security.JBossUserRealm#Model] authenticated: fund_adv
2002-07-27 01:15:50,685 DEBUG [org.jboss.jetty.security.JBossUserRealm#Model] JBossUserPrincipal: fund_adv is NOT in Role: Java
2002-07-27 01:15:50,687 WARN [org.jboss.jetty.Jetty] WARNING: AUTH FAILURE: role for fund_adv
==================================================
I think user in role Java - here is my web.xml:
<!-- ### Security -->
 <security-constraint>
 <web-resource-collection>
 <web-resource-name>Restricted</web-resource-name>
 Declarative security tests
 <url-pattern>/jsp/*</url-pattern>
 <http-method>HEAD</http-method>
 <http-method>GET</http-method>
 <http-method>POST</http-method>
 <http-method>PUT</http-method>
 <http-method>DELETE</http-method>
 </web-resource-collection>
 <auth-constraint>
 <role-name>Java</role-name>
 </auth-constraint>
 <user-data-constraint>
 no description
 <transport-guarantee>NONE</transport-guarantee>
 </user-data-constraint>
 </security-constraint>
 <login-config>
 <auth-method>FORM</auth-method>
 <realm-name>Model</realm-name>
 <form-login-config>
 <form-login-page>Login.jsp</form-login-page>
 <form-error-page>LoginError.jsp</form-error-page>
 </form-login-config>
 </login-config>
 <security-role>
 no description
 <role-name>Java</role-name>
 </security-role>
and table Roles:
---------------------------------------
PrincipalID | Role | RoleGroup |
---------------------------------------
fund_adv | Java | Roles |
---------------------------------------
login-config.xml:
 <application-policy name = "OracleDbRealm">
 <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule" flag = "required">
 <module-option name = "principal">fund_adv</module-option>
 <module-option name = "userName">fund_adv</module-option>
 <module-option name = "password">********</module-option>
 <module-option name = "principalsQuery">select Password from Principals where PrincipalID=?</module-option>
 <module-option name = "rolesQuery">select Role, RoleGroup from Roles where PrincipalID=?</module-option>
 <module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=OracleTST</module-option>
 </login-module>
 </application-policy>
Problem 2: =================================================
 in my web.xml (see above) I defined
<form-error-page>LoginError.jsp</form-error-page>
But when I get AUTH FAILURE error it displayed in plain page, not LoginError.jsp
Why?
Problem 3: =================================================
When I request http://localhost:7777/model browser open
http://localhost:7777/model/jsp/index.jsp because this is in welcome-file-list.
Problem is this page is supposed to be protected
and I supposed to see Login.jsp FIRST.
But when I request http://localhost:7777/model/index.jsp browser open Login.jsp.
Why is this?
=========================================================
TIA
 
    