I created a application-policy called "myDBRealm" with the following parameters.

<application-policy name = "myDBRealm">

<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag = "required">
<module-option name = "dsJndiName">java:/OracleDS</module-option>
<module-option name = "principalsQuery">
SELECT 'myUSER' FROM Dual
</module-option>
<module-option name = "rolesQuery">
SELECT 'durpublisher', 'Roles' FROM Dual
</module-option>
</login-module>

</application-policy>

and the OracleDS2 datasource is using this logon authentication module.

<security-domain-and-application>myDBRealm</security-domain-and-application>

The OracleDS2 datasource does not have a <user-name> or supplied. The expectation is the username and the password supplied by a datasource getConnection(...) method will be passed on to the login process.

The other datasource (OracleDS) used by the login module is basically open with the UserID and Password defined in the datasource. There doesn't seem to be any problem in opening the OracleDS datasource with a good UserID and password. I'm also pretty sure the null principal problem is before the login module attempts to access the database.

When I execute the datasource getConnection in my message bean

ds.getConnection( userName, password );

I fail in the login module because the principal is null. What do I need to do to get the principal initialized to the userName supplied in the getConnection method? I know I must be missing a simple
initialization step.