Dear All,

for I while I am working on an old problem - I am trying to be enable users to log in from any page. I am using jboss 4.03 SP1 and myfaces/trinidad. I successfully developed a custom login module. When I was using "standard" JASS configuration everything was perfectly fine. When trying to find out how to allow users to log in from any page I found http://www.mail-archive.com/struts-user@jakarta.apache.org/msg72644.html
message explaining how to integrate http://sourceforge.net/projects/securityfilter with jboss.

And again everything seemed to work fine. My login module methods are being called, the login method is being called with success... But, the method:

 public boolean isUserInRole(Principal principal, String rolename) {
 Set set = new HashSet();
 set.add(new SimplePrincipal(rolename));
 try {
 return getRealmMapping().doesUserHaveRole(principal, set);
 } catch (NamingException e) {
 Logger.fatalError(e);
 return false;
 }
 }

returns false. Actually I've checked it and everything (principal, and rolename) are set correctly simply there are no roles attached to the principal in the realm I get.

I don't put here more source code since it can be found under the first link.

Thanks in advance for any help,

Karol