I am newbie of JBoss and Portal.
Just installed JBoss 4.0.3 + Portal 2.2.1 + MySQL 4.1

I am trying DatabaseServerLoginModule in login-config.xml.

 <application-policy name = "portal">
 <authentication>
 <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
 flag = "required">
 <module-option name = "unauthenticatedIdentity">guest</module-option>
 <module-option name = "dsJndiName">java:/PortalDS</module-option>
 <module-option name = "principalsQuery">SELECT PASSWD FROM USERS WHERE USERNAME=?</module-option>
 <module-option name = "rolesQuery">SELECT USERROLES, 'Roles' FROM USERROLES WHERE USERNAME=?</module-option>
 </login-module>
 </authentication>
 </application-policy>

Tables are created as follow:

CREATE TABLE Users (
 userName VARCHAR(64) PRIMARY KEY,
 passwd VARCHAR(64)
);

INSERT INTO Users VALUES('admin', 'admin');

CREATE TABLE UserRoles (
 userName VARCHAR(32) NOT NULL,
 userRoles VARCHAR(32) NOT NULL
);

INSERT INTO UserRoles VALUES('admin', 'admin');

However, after i login, Error 403, unauthorized access come out.
Then, i try to update the UserRoles of admin from "admin" to "Authenticated"

INSERT INTO UserRoles VALUES('admin', 'Authenticated');

it successfully log me in after updating the table. But this time, i have no way to get access to CMS and management pages anymore.

I guess it is related to the Roles definition. Does anyone can help on this?

After explored with JBoss portal, i just quite confused on the ModelLoginModule and DatabaseServerLoginModule. I know ModelLoginModule is working together with UserModule and RoleModule. Does that mean DatabaseServerLoginModule or other loginmodule can't work with UserModule and RoleModule?

Thanks!