Hi

I am securing my application with JAAS. But I am not being able to get the role of a user who is loggin.
My code is as follows.
............................
precad {
org.jboss.security.ClientLoginModule required;
};
..................

login-config.xml

<application-policy name = "precad">

<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag = "required">
<module-option name = "unauthenticatedIdentity">guest</module-option>
<module-option name = "dsJndiName">java:/MySqlDS</module-option>
<module-option name = "principalsQuery">SELECT PASSWD FROM USERS WHERE USERID=?</module-option>
<module-option name = "rolesQuery">SELECT ROLEID, 'Roles' FROM ROLES WHERE USERID=?</module-option>
</login-module>

</application-policy>
..............


client class is....
LoginContext lc = new LoginContext(PRECAD_LOGIN_CONTEXT,
new DialogCallbackHandler());
// attempt authentication
lc.login();
// TODO Call a user session bean instead!!!
//Subject subject = lc.getSubject();
Subject subject = lc.getSubject();

getProcessRemote().login();
where getProcessRemote is for Remote interface of stateless session bean.

...................

and sessionn bean is

public class UserProcessBean implements UserProcessRemote{
SessionContext sescont;
@PersistenceContext(unitName = "precad")
// private EntityManager manager;

//private static Logger logger = Logger.getLogger(UserProcessBean.class);

@SuppressWarnings("unchecked")
@RolesAllowed({"administrator","developer"})
public void login(/*Subject subject*/) throws UserProcessException {
try {
System.out.println("In SERVER LOGIN..............");
}
catch(Exception e){e.printStackTrace();}


I am using ejb3.

and I want that as a user login then my getProcessRemote.login() should return the role of this user. But I do not know that how to do it.

Please help me.

/Ritesh