I hava a Login module that inherits from the QmaticLoginModule and add some license check to count down and release when a user logs in/out. Except the ?Roles? I want to add a ?RolesGroup? to se what kind of role it is. Everything works until I add the ?RolesGroup? to the rolesquery.
When I do I get a HTTP Status 403?
The class looks like this.
public class QmaticLoginModule extends DatabaseServerLoginModule { ... @Override public boolean login() throws LoginException { this.loginOk = super.login(); if(!this.loginOk) return false; System.out.println("-Login-"); String user = this.getIdentity().getName(); System.out.println("User :" +this.getIdentity().getName()); Group[] roles = this.getRoleSets(); for(int i = 0; i < roles.length; i++) { System.out.println("Role type :" +roles.getName()); Enumeration list = roles.members(); while(list.hasMoreElements()) { Principal tempPrincipal = (Principal)list.nextElement(); System.out.println("Principal :" +tempPrincipal.getName()); //Count down the acctual license per module if(licenseManager == null) return false; //getLicenseModule() will throw LoginException if it fails if(!licenseManager.getLicenseModule(tempPrincipal.getName())) { licenseCheck = false; return this.loginOk = false; } } } licenseCheck = true; return this.loginOk; }
<login-module code="com.qmatic.platform.admin.license.QmaticLoginModule" flag="required"> <module-option name="dsJndiName"> java:/qpDS </module-option> <module-option name="principalsQuery"> select password from qp_user where username=? </module-option> <module-option name="rolesQuery"> SELECT qp_access.accessName 'Roles', qp_access.accessType 'RoleGroup' FROM qp_usergroup WHERE qp_user.userName = ? </module-option> </login-module>
I forgot to say that I have a security-domain for the application. But the Mbean that handles the login and license is not in the security-domain. It was the only way to get it work ?!