0 Replies Latest reply on Jun 13, 2005 10:49 AM by Walter

    Problem with DatabaseServerLoginModule

    Walter Newbie

      I have a problem with JBoss Security JAAS. I'm using DatabaseServerLoginModule and my login-config.xml is:

      <application-policy name = "TestDatabase">

      <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
      flag = "required">
      <module-option name = "dsJndiName">java:/TestDS</module-option>
      <module-option name = "principalsQuery">SELECT PASSWD FROM Users WHERE USERID=?</module-option>
      <module-option name = "rolesQuery">SELECT ROLEID, 'Roles' FROM Roles WHERE USERID=?</module-option>


      I'm using a configuration BASIC in web.xml. When I entry users and password, appears the next error:

      HTTP Status 403 - Access to the requested resource has been denied

      type: Status report

      message: Access to the requested resource has been denied

      description: Access to the specified resource (Access to the requested resource has been denied) has been forbidden.

      Apache Tomcat/5.0.28

      The validation of users and password that's OK, but the recuperation of roles is incorrect.

      If I'm uses org.jboss.security.auth.spi.UsersRolesLoginModule with users.properties and roles.properties, the
      navigation is succeful. By I'm uses org.jboss.security.auth.spi.DatabaseServerLoginModule the error is http-403