Hi all, I'm really trying to do something that allows my users w/ assigned roles to login w/ passwd through a servlet using the databaseServerLoginModule, but having a hard time understanding what to do w/ so little documentation.

Here's what I've done so far and if someone could point me in the right direction w/ more steps, much appreciated.

I've created tables in my postgresql database as such ...

CREATE SEQUENCE principals_seq;
CREATE TABLE Principals(
 principalId INT PRIMARY KEY,
 principalName VARCHAR(64)
 password VARCHAR(32)
);

CREATE SEQUENCE roles_seq;
CREATE TABLE Roles(
 roleId INT PRIMARY KEY,
 roleName VARCHAR(32),
 roleGroup VARCHAR(32)
);

And I have a ~/WEB-INF/login-config.xml file like this ...

<application-policy name="myAppName">
 <authentication>
 <login-module
 code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
 flag="required">
 <module-option name="unauthenticatedIdentity">
 guest
 </module-option>
 <module-option name="dsJndiName">
 java:/PostgresDS
 </module-option>
 <module-option name="principalsQuery">
 SELECT password FROM Users WHERE principalId=?
 </module-option>
 <module-option name="rolesQuery">
 SELECT roleId,'Roles' FROM Roles WHERE userId=?
 </module-option>
 </login-module>
 </authentication>
</application-policy>

I'm not sure about how to use callbacks within a servlet but I think I'm supposed to do this in my apps MVC controller. I made a LoginController, but as you can see, I don't really understand the details here yet.

CallbackHandler handler = new MyHandler();
LoginContext lc = new LoginContext("some-config", handler);

try {
 lc.login();
 Subject subject = lc.getSubject();
}
catch (LoginException le) {
 System.out.println("authentication failed");
 e.printStackTrace();
}

Any more details here? Any help much appreciated.