Simon Martinelli wrote:
My jboss-web.xml looks like this
On a slightly unrelated note, the java:/jaas/ prefix is no longer needed while referring to the security domain name. In fact, I don't know if that prefixing it will work in AS7 and WildFly. So just change it to
I just downloaded 8.1.0.CR1 and it still doesn't work.
On EAP 6.2.2 and JBoss 7.1.1.Final it works fine with exactly the same configuration!
WildFly has a new web container (Undertow) and it's likely that there might be a bug in there. Can you file a WFLY JIRA with the details?
By the way, did you try the index.jsp change I suggested?
I've never bothered to find out why, but the rolesQuery usually has the form:
<module-option name="rolesQuery" value="select name, 'Roles' from securitygroup where email = ?"/>
Maybe the missing 'Roles' is the problem?
The query is like yours. I missed that in the first post.
It's very strange that this is not working. Other users should already have noticed that because it does not protect the pages.
But I will fill a bug.
Can you enable trace logging for org.jboss.security ad org.jboss.as.security
it will help understand what the problem is.
Now that I switched on logs there must be something different because now it works sometimes.
so there must be a problem on server startup but I cannot see anything. I just see that there are no roles associated but the request to the protected resource works anyway.
I will try to find out how to reproduce.