I had no trouble getting security with mysql and jboss 2.4.6. However, with 3.0 my web site returns "Access to the requested resource has been denied". My setup is as follows.
<application-policy name = "MySqlDbRealm">
<login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule" flag = "required">
<module-option name = "principal">Principals</module-option>
<module-option name = "userName">root</module-option>
<module-option name = "password">password</module-option>
<module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=MySqlDS</module-option>
and I copied the mysql-service.xml into the deploy directory. In the previous version you had to specify the principalsQuery and the rolesQuery, but I can't find that in the 3, I think that's what my problem is.
Any help would be appreicated,
I think you have to create an additional security domain for your application. The one you created is your database access security domain.
If you use DatabaseServerLoginModule, you can specify the queries as module options.
I found the way to do it in the JBoss 3.0 Quickstart Guide on sourceforge