Hi,

I'm working with JBoss3.0.0 with integrated Tomcat 4.0.3.
I'am trying to run an exmaple using JAAS with DatabaseServerLoginModule; I've created two tables 'Principals' and 'Roles' exactly as it is described in Chapter 8 of the 'Getting Started'-Document. (The database ist MySQL; it's definitely working).

When I'm trying to access a secure servlet, and when I enter a login/password-combination which is not in my database, the login prompt starts again. So far it is okay. If I enter an existing login/password-Combination, but where the user has the "wrong" role, I get an HTTP Status 403 - Access denied. Seems okay to me. Beside, this is why I'm sure MySQL is working; the authentication has succeeded, but the authorization not because of "wrong role".

The problem ist that even if someone logs in who is in role 'admin' and belongs to the rolegroup 'admin',
I get the same HTTP 403 - status.

Has anyone an idea what's causing this error? A working mini-example would be nice to!

If I switch JAAS to using 'roles.properties' and 'users.properties', the same example-servlet is working!

Thanks for your tipps,
Matthias