I assume, that you have already have set up a login-config in your web.xml. Getting roles from the database can be achieved by using the DatabaseServerLoginModule (as described in the "Getting Started"-documentation) and placing it in the login-config.xml in the conf-dir. The next step would be to define a security-domain in jboss-web.xml with a matching name (what you already might have done). Maybe you have to adjust the SQL-statements and type-mapping as they depend on the type and structure of your database.
Hope it helps,