2 Replies Latest reply on Nov 14, 2011 10:08 AM by Valery Lezhebokov

    request.isUserInRole() always returns false

    Valery Lezhebokov Newbie

      Hi All,


      I am using JBOSS AS 6 and am bit puzzled by the way the authentication works. I have set up authentication with DatabaseServerLoginModule and have created a user "bemtaill" with a role "ADMIN". Now in a servlet I do the following:



      {code} request.login("bemtaill", "123"); // passes OK

      request.isUserInRole("ADMIN"); // returns FALSE {code}


      But at the same time in the logs I see:



      19:03:58,991 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] User 'bemtaill' authenticated, loginOk=true

      19:03:58,991 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] commit, loginOk=true

      19:03:58,991 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] getRoleSets using rolesQuery: select role, role_group from user_roles where username=?, username: bemtaill

      19:03:58,994 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendAnyTransaction

      19:03:58,995 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Excuting query: select role, role_group from user_roles where username=?, with username: bemtaill

      19:03:58,997 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Assign user to role ADMIN




      How is it possible that the role is assigned but isUserInRole returns false?