I hava a Login module that inherits from the QmaticLoginModule and add some license check to count down and release when a user logs in/out. Except the ?Roles? I want to add a ?RolesGroup? to se what kind of role it is. Everything works until I add the ?RolesGroup? to the rolesquery.

When I do I get a HTTP Status 403?


The class looks like this.

public class QmaticLoginModule extends DatabaseServerLoginModule
{
...
@Override
public boolean login() throws LoginException
{
 this.loginOk = super.login();
 if(!this.loginOk)
 return false;

 System.out.println("-Login-");

 String user = this.getIdentity().getName();
 System.out.println("User :" +this.getIdentity().getName());

 Group[] roles = this.getRoleSets();

 for(int i = 0; i < roles.length; i++)
 {
 System.out.println("Role type :" +roles.getName());
 Enumeration list = roles.members();

 while(list.hasMoreElements())
 {
 Principal tempPrincipal = (Principal)list.nextElement();
 System.out.println("Principal :" +tempPrincipal.getName());

 //Count down the acctual license per module
 if(licenseManager == null)
 return false;

 //getLicenseModule() will throw LoginException if it fails
 if(!licenseManager.getLicenseModule(tempPrincipal.getName()))
 {
 licenseCheck = false;
 return this.loginOk = false;
 }

 }
 }

 licenseCheck = true;
 return this.loginOk;
}

And the login-config.xml look like this

<login-module
 code="com.qmatic.platform.admin.license.QmaticLoginModule"
 flag="required">
 <module-option name="dsJndiName">
 java:/qpDS
 </module-option>
<module-option name="principalsQuery">
 select password from qp_user where username=?
 </module-option>
 <module-option name="rolesQuery">
SELECT qp_access.accessName 'Roles', qp_access.accessType 'RoleGroup' FROM qp_usergroup WHERE qp_user.userName = ?
 </module-option>
</login-module>

What am I doing wrong, can I add the 'RoleGroup' to the query?

/Thanx anykey