14 Replies Latest reply on Feb 24, 2004 4:18 PM by Rick Hightower

    JBoss Security Roles Problem.... everyone is admin!

    Rick Hightower Newbie

      I am having a problem with roles. A user called tomcat is in a role called admin, but should not be. I can login okay with the tomcat user but, the tomcat user can do everything an admin can do, which is not what I want. I then tried to programmatically see if tomcat user is an admin and he was.

      JBoss security is setup as follows:

      <application-policy name = "express">

      <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
      flag = "required">
      <module-option name = "dsJndiName">jdbc/mysql</module-option>
      <module-option name = "principalsQuery">
      select passwrd from app_user where username=?
      </module-option>
      <module-option name = "rolesQuery">
      select role_name, 'Roles' from user_role where username=?
      </module-option>
      <module-option name="hashAlgorithm">SHA</module-option>
      <module-option name="hashEncoding">base64</module-option>

      </login-module>

      </application-policy>

      When I run the querries in the database workbench they seem to work as they should.

      (I tried several combinations of encoding and hash to no avail).

      It should be like this:
      user tomcat is in the role "user"
      user mraible is in the role "admin"

      Here is the role table:
      CREATE TABLE USER_ROLE
      (
      ID NUMERIC( 18, 0) NOT NULL,
      USER_ID NUMERIC( 18, 0) NOT NULL,
      USERNAME VARCHAR( 255) NOT NULL COLLATE NONE,
      ROLE_NAME VARCHAR( 255) NOT NULL COLLATE NONE,
      PRIMARY KEY (ID)
      );

      This query
      select USER_NAME ROLENAME from USER_ROLE;
      outputs this:

      USER_NAME ROLENAME
      tomcat user
      mraible admin

      Here is the DDL for the user table:
      RECREATE TABLE APP_USER
      (
      ID NUMERIC( 18, 0) NOT NULL,
      USERNAME VARCHAR( 40) NOT NULL COLLATE NONE,
      PASSWRD VARCHAR( 150) NOT NULL COLLATE NONE,
      FIRSTNAME VARCHAR( 40) NOT NULL COLLATE NONE,
      LASTNAME VARCHAR( 40) NOT NULL COLLATE NONE,
      EMAIL VARCHAR( 100) COLLATE NONE,
      PHONENUMBER VARCHAR( 15) COLLATE NONE,
      PASSWORDHINT VARCHAR( 40) COLLATE NONE,
      INCREMENTBY FLOAT,
      VER INTEGER,
      PRIMARY KEY (ID)
      );

      The above has the following data:
      ID,USERNAME,FIRSTNAME,EMAIL
      1,"tomcat","Tomcat","matt_raible@yah.com"
      2,"mraible","Matt","matt@raible.com"
      3,"rick","Rick","rick@arc-mind.com"

        • 1. Re: JBoss Security Roles Problem.... everyone is admin!
          Adrian Brock Master

          Your config looks ok to me.

          What do you in log/server.log if you enable TRACE logging in conf/log4j.xml
          for org.jboss.security.

          Regards,
          Adrian

          • 3. Re: JBoss Security Roles Problem.... everyone is admin!
            Rick Hightower Newbie

            I tried it and it was not too telling. In fact, I only get the following:

            [ INFO] 45:17 (JaasSecurityManagerService.java:newSecurityDomainCtx:494)
            Created securityMgr=org.jboss.security.plugins.JaasSecurityManager@4bd767

            [DEBUG] 45:17 (JaasSecurityManager.java:setCachePolicy:181)
            CachePolicy set to: org.jboss.util.TimedCachePolicy@1e75e08

            [ INFO] 45:17 (JaasSecurityManagerService.java:setSecurityDomainCache:451)
            setCachePolicy, c=org.jboss.util.TimedCachePolicy@1e75e08

            [ INFO] 45:17 (JaasSecurityManagerService.java:lookupSecurityDomain:472)
            Added HsqlDbRealm, org.jboss.security.plugins.SecurityDomainContext@ce623f to ma
            p

            [ INFO] 45:18 (JaasSecurityManagerService.java:newSecurityDomainCtx:494)
            Created securityMgr=org.jboss.security.plugins.JaasSecurityManager@1dbe135

            [DEBUG] 45:18 (JaasSecurityManager.java:setCachePolicy:181)
            CachePolicy set to: org.jboss.util.TimedCachePolicy@9e7d46

            [ INFO] 45:18 (JaasSecurityManagerService.java:setSecurityDomainCache:451)
            setCachePolicy, c=org.jboss.util.TimedCachePolicy@9e7d46

            [ INFO] 45:18 (JaasSecurityManagerService.java:lookupSecurityDomain:472)
            Added jbossmq, org.jboss.security.plugins.SecurityDomainContext@132b038 to map

            [ INFO] 45:18 (JaasSecurityManagerService.java:newSecurityDomainCtx:494)
            Created securityMgr=org.jboss.security.plugins.JaasSecurityManager@ae7b77

            [DEBUG] 45:18 (JaasSecurityManager.java:setCachePolicy:181)
            CachePolicy set to: org.jboss.util.TimedCachePolicy@12bc407

            [ INFO] 45:18 (JaasSecurityManagerService.java:setSecurityDomainCache:451)
            setCachePolicy, c=org.jboss.util.TimedCachePolicy@12bc407

            [ INFO] 45:18 (JaasSecurityManagerService.java:lookupSecurityDomain:472)
            Added JmsXARealm, org.jboss.security.plugins.SecurityDomainContext@52d654 to map

            It does not mention org.jboss.security.auth.spi.DatabaseServerLoginModule that I configured.

            I wonder if I am missing something else. Like a mapping from jboss-web.xml to the DatabaseServerLoginModule that I configured.

            Also, when I log into the site, I get nothing from org.jboss.security in my log file. That seems odd, in a bad.... not so good kind of way.

            I added the following code:

            manager.setUserName(request.getRemoteUser());
            manager.setAdmin(request.isUserInRole("admin"));

            log.debug(manager.getUserName());
            log.debug("admin=" + manager.isAdmin());

            It appears everyone is admin!

            What is weirder is I can login using any password. Arrrrgggghhh! All of this worked with just plain Tomcat.

            • 4. Re: JBoss Security Roles Problem.... everyone is admin!
              Adrian Brock Master

              I don't see any TRACE logging.
              Do you still have a DEBUG filter on the file appender?

              Regards,
              Adrian

              • 5. Re: JBoss Security Roles Problem.... everyone is admin!
                Adrian Brock Master

                Also, since you have a web app, enable TRACE for
                org.jboss.web
                as well.

                Regards,
                Adrian

                • 6. Re: JBoss Security Roles Problem.... everyone is admin!
                  Rick Hightower Newbie

                  Here is what I get on startup:

                  [ INFO] 19:17 (ServiceMBeanSupport.java:start:220)
                  Started jboss.security:service=XMLLoginConfig

                  [DEBUG] 19:17 (ServiceMBeanSupport.java:start:187)
                  Starting

                  [DEBUG] 19:17 (JaasSecurityManagerService.java:startService:337)
                  securityMgrCtxPath=java:/jaas

                  [DEBUG] 19:17 (JaasSecurityManagerService.java:startService:343)
                  cachePolicyCtxPath=java:/timedCacheFactory

                  [DEBUG] 19:17 (JaasSecurityManagerService.java:startService:348)
                  SecurityProxyFactory=org.jboss.security.SubjectSecurityProxyFactory@eafb71

                  [ INFO] 19:17 (ServiceMBeanSupport.java:start:220)
                  Started jboss.security:service=JaasSecurityManager

                  [DEBUG] 19:19 (ServiceMBeanSupport.java:create:154)
                  Creating

                  [DEBUG] 19:19 (ServiceMBeanSupport.java:create:172)
                  Created

                  [DEBUG] 19:19 (ServiceMBeanSupport.java:start:187)
                  Starting

                  [DEBUG] 19:19 (EmbeddedTomcatService.java:startService:252)
                  Setting catalina debug level to: 0

                  [DEBUG] 19:19 (EmbeddedTomcatService.java:startService:268)
                  Setting catalina.home to: C:\tools\jboss-3.2.3\server\default

                  [DEBUG] 19:19 (EmbeddedTomcatService.java:startService:269)
                  Setting catalina.base to: C:\tools\jboss-3.2.3\server\default

                  [ INFO] 19:20 (Log4jLogger.java:log:149)
                  CoyoteConnector Coyote can't register jmx for protocol

                  [ INFO] 19:20 (Log4jLogger.java:log:149)
                  CoyoteConnector Coyote can't register jmx for protocol

                  [ INFO] 19:20 (EmbeddedTomcatService.java:startService:279)
                  OK

                  [DEBUG] 19:20 (AbstractWebContainer.java:init:276)
                  Begin init

                  [DEBUG] 19:20 (AbstractWebContainer.java:init:353)
                  End init

                  [DEBUG] 19:20 (AbstractWebContainer.java:start:418)
                  webContext: null

                  [DEBUG] 19:20 (AbstractWebContainer.java:start:419)
                  warURL: file:/C:/tools/jboss-3.2.3/server/default/deploy/http-invoker.sar/invoke
                  r.war/

                  [DEBUG] 19:20 (AbstractWebContainer.java:start:420)
                  webAppParser: org.jboss.web.AbstractWebContainer$DescriptorParser@1352447

                  [ INFO] 19:20 (EmbeddedTomcatService.java:performDeploy:306)
                  deploy, ctxPath=/invoker, warUrl=file:/C:/tools/jboss-3.2.3/server/default/deplo
                  y/http-invoker.sar/invoker.war/

                  [DEBUG] 19:20 (EmbeddedTomcatService.java:createWebContext:521)
                  Using session cookies default setting

                  [DEBUG] 19:20 (AbstractWebContainer.java:parseWebAppDescriptors:555)
                  AbstractWebContainer.parseWebAppDescriptors, Begin

                  [DEBUG] 19:20 (AbstractWebContainer.java:parseWebAppDescriptors:563)
                  Creating ENC using ClassLoader: java.net.FactoryURLClassLoader@1fc468e

                  [DEBUG] 19:20 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..org.jboss.mx.loading.UnifiedClassLoader3@180b22e{ url=file:/C:/tools/jboss-3.2
                  .3/server/default/deploy/http-invoker.sar/ ,addedOrder=3}

                  [DEBUG] 19:20 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..org.jboss.system.server.NoAnnotationURLClassLoader@13f3045

                  [DEBUG] 19:20 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..sun.misc.Launcher$AppClassLoader@e80a59

                  [DEBUG] 19:20 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..sun.misc.Launcher$ExtClassLoader@1ff5ea7

                  [DEBUG] 19:20 (AbstractWebContainer.java:parseWebAppDescriptors:576)
                  Linked java:comp/UserTransaction to JNDI name: UserTransaction

                  [DEBUG] 19:20 (AbstractWebContainer.java:parseWebAppDescriptors:585)
                  addEnvEntries

                  [DEBUG] 19:20 (AbstractWebContainer.java:parseWebAppDescriptors:588)
                  linkResourceEnvRefs

                  [DEBUG] 19:20 (AbstractWebContainer.java:parseWebAppDescriptors:591)
                  linkResourceRefs

                  [DEBUG] 19:20 (AbstractWebContainer.java:parseWebAppDescriptors:594)
                  linkEjbRefs

                  [DEBUG] 19:20 (AbstractWebContainer.java:parseWebAppDescriptors:597)
                  linkEjbLocalRefs

                  [DEBUG] 19:20 (AbstractWebContainer.java:parseWebAppDescriptors:600)
                  linkSecurityDomain

                  [DEBUG] 19:20 (AbstractWebContainer.java:linkSecurityDomain:788)
                  Linking security/securityMgr to JNDI name: java:/jaas/http-invoker

                  [DEBUG] 19:20 (AbstractWebContainer.java:parseWebAppDescriptors:602)
                  AbstractWebContainer.parseWebAppDescriptors, End

                  [ INFO] 19:21 (Log4jLogger.java:log:149)
                  SingleSignOnContextConfig[/invoker]: Added certificates -> request attribute Val
                  ve

                  [ INFO] 19:21 (Log4jLogger.java:log:149)
                  SingleSignOnContextConfig[/invoker]: Configured an authenticator for method BASI
                  C

                  [DEBUG] 19:21 (EmbeddedTomcatService.java:lifecycleEvent:536)
                  Context.lifecycleEvent, event=org.apache.catalina.LifecycleEvent[source=Standard
                  Engine[MainEngine].StandardHost[localhost].StandardContext[/invoker]]

                  [ WARN] 19:21 (EmbeddedTomcatService.java:contextInit:637)
                  Unable to invoke setDelegate on class loader:org.jboss.web.tomcat.tc4.WebCtxLoad
                  er$ENCLoader@14c7a98

                  [ INFO] 19:21 (Log4jLogger.java:log:149)
                  StandardManager[/invoker]: Seeding random number generator class java.security.S
                  ecureRandom

                  [ INFO] 19:21 (Log4jLogger.java:log:149)
                  StandardManager[/invoker]: Seeding of random number generator has been completed


                  [ INFO] 19:21 (Log4jLogger.java:log:149)
                  StandardWrapper[/invoker:default]: Loading container servlet default

                  [ INFO] 19:21 (Log4jLogger.java:log:149)
                  StandardWrapper[/invoker:invoker]: Loading container servlet invoker

                  [DEBUG] 19:22 (EmbeddedTomcatService.java:performDeploy:310)
                  Initialized: {WebApplication: /C:/tools/jboss-3.2.3/server/default/deploy/http-i
                  nvoker.sar/invoker.war/, URL: file:/C:/tools/jboss-3.2.3/server/default/deploy/h
                  ttp-invoker.sar/invoker.war/, classLoader: java.net.FactoryURLClassLoader@1fc468
                  e:33310350}

                  [ INFO] 19:22 (ServiceMBeanSupport.java:start:220)
                  Started jboss.web:service=WebServer

                  [DEBUG] 19:22 (AbstractWebContainer.java:init:276)
                  Begin init

                  [DEBUG] 19:22 (AbstractWebContainer.java:init:353)
                  End init

                  [DEBUG] 19:22 (AbstractWebContainer.java:start:418)
                  webContext: null

                  [DEBUG] 19:22 (AbstractWebContainer.java:start:419)
                  warURL: file:/C:/tools/jboss-3.2.3/server/default/deploy/jms/jbossmq-httpil.sar/
                  jbossmq-httpil.war/

                  [DEBUG] 19:22 (AbstractWebContainer.java:start:420)
                  webAppParser: org.jboss.web.AbstractWebContainer$DescriptorParser@1082277

                  [ INFO] 19:22 (EmbeddedTomcatService.java:performDeploy:306)
                  deploy, ctxPath=/jbossmq-httpil, warUrl=file:/C:/tools/jboss-3.2.3/server/defaul
                  t/deploy/jms/jbossmq-httpil.sar/jbossmq-httpil.war/

                  [DEBUG] 19:22 (EmbeddedTomcatService.java:createWebContext:521)
                  Using session cookies default setting

                  [DEBUG] 19:22 (AbstractWebContainer.java:parseWebAppDescriptors:555)
                  AbstractWebContainer.parseWebAppDescriptors, Begin

                  [DEBUG] 19:22 (AbstractWebContainer.java:parseWebAppDescriptors:563)
                  Creating ENC using ClassLoader: java.net.FactoryURLClassLoader@10eb535

                  [DEBUG] 19:22 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..org.jboss.mx.loading.UnifiedClassLoader3@1e5c339{ url=file:/C:/tools/jboss-3.2
                  .3/server/default/deploy/jms/jbossmq-httpil.sar/ ,addedOrder=6}

                  [DEBUG] 19:22 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..org.jboss.system.server.NoAnnotationURLClassLoader@13f3045

                  [DEBUG] 19:22 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..sun.misc.Launcher$AppClassLoader@e80a59

                  [DEBUG] 19:22 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..sun.misc.Launcher$ExtClassLoader@1ff5ea7

                  [DEBUG] 19:22 (AbstractWebContainer.java:parseWebAppDescriptors:576)
                  Linked java:comp/UserTransaction to JNDI name: UserTransaction

                  [DEBUG] 19:22 (AbstractWebContainer.java:parseWebAppDescriptors:585)
                  addEnvEntries

                  [DEBUG] 19:22 (AbstractWebContainer.java:parseWebAppDescriptors:588)
                  linkResourceEnvRefs

                  [DEBUG] 19:22 (AbstractWebContainer.java:parseWebAppDescriptors:591)
                  linkResourceRefs

                  [DEBUG] 19:22 (AbstractWebContainer.java:parseWebAppDescriptors:594)
                  linkEjbRefs

                  [DEBUG] 19:22 (AbstractWebContainer.java:parseWebAppDescriptors:597)
                  linkEjbLocalRefs

                  [DEBUG] 19:22 (AbstractWebContainer.java:parseWebAppDescriptors:600)
                  linkSecurityDomain

                  [DEBUG] 19:22 (AbstractWebContainer.java:linkSecurityDomain:788)
                  Linking security/securityMgr to JNDI name: java:/jaas/jbossmq-httpil

                  [DEBUG] 19:22 (AbstractWebContainer.java:parseWebAppDescriptors:602)
                  AbstractWebContainer.parseWebAppDescriptors, End

                  [ INFO] 19:22 (Log4jLogger.java:log:149)
                  SingleSignOnContextConfig[/jbossmq-httpil]: Added certificates -> request attrib
                  ute Valve

                  [ INFO] 19:22 (Log4jLogger.java:log:149)
                  SingleSignOnContextConfig[/jbossmq-httpil]: Configured an authenticator for meth
                  od BASIC

                  [DEBUG] 19:22 (EmbeddedTomcatService.java:lifecycleEvent:536)
                  Context.lifecycleEvent, event=org.apache.catalina.LifecycleEvent[source=Standard
                  Engine[MainEngine].StandardHost[localhost].StandardContext[/jbossmq-httpil]]

                  [ WARN] 19:22 (EmbeddedTomcatService.java:contextInit:637)
                  Unable to invoke setDelegate on class loader:org.jboss.web.tomcat.tc4.WebCtxLoad
                  er$ENCLoader@39d811

                  [ INFO] 19:22 (Log4jLogger.java:log:149)
                  StandardManager[/jbossmq-httpil]: Seeding random number generator class java.sec
                  urity.SecureRandom

                  [ INFO] 19:22 (Log4jLogger.java:log:149)
                  StandardManager[/jbossmq-httpil]: Seeding of random number generator has been co
                  mpleted

                  [ INFO] 19:22 (Log4jLogger.java:log:149)
                  StandardWrapper[/jbossmq-httpil:default]: Loading container servlet default

                  [ INFO] 19:22 (Log4jLogger.java:log:149)
                  StandardWrapper[/jbossmq-httpil:invoker]: Loading container servlet invoker

                  [DEBUG] 19:22 (EmbeddedTomcatService.java:performDeploy:310)
                  Initialized: {WebApplication: /C:/tools/jboss-3.2.3/server/default/deploy/jms/jb
                  ossmq-httpil.sar/jbossmq-httpil.war/, URL: file:/C:/tools/jboss-3.2.3/server/def
                  ault/deploy/jms/jbossmq-httpil.sar/jbossmq-httpil.war/, classLoader: java.net.Fa
                  ctoryURLClassLoader@10eb535:17741109}

                  [ INFO] 19:27 (JaasSecurityManagerService.java:newSecurityDomainCtx:494)
                  Created securityMgr=org.jboss.security.plugins.JaasSecurityManager@7a140f

                  [DEBUG] 19:27 (JaasSecurityManager.java:setCachePolicy:181)
                  CachePolicy set to: org.jboss.util.TimedCachePolicy@1079781

                  [ INFO] 19:27 (JaasSecurityManagerService.java:setSecurityDomainCache:451)
                  setCachePolicy, c=org.jboss.util.TimedCachePolicy@1079781

                  [ INFO] 19:27 (JaasSecurityManagerService.java:lookupSecurityDomain:472)
                  Added HsqlDbRealm, org.jboss.security.plugins.SecurityDomainContext@16bbeaf to m
                  ap

                  [ INFO] 19:27 (JaasSecurityManagerService.java:newSecurityDomainCtx:494)
                  Created securityMgr=org.jboss.security.plugins.JaasSecurityManager@ae4f8b

                  [DEBUG] 19:27 (JaasSecurityManager.java:setCachePolicy:181)
                  CachePolicy set to: org.jboss.util.TimedCachePolicy@1e8614a

                  [ INFO] 19:27 (JaasSecurityManagerService.java:setSecurityDomainCache:451)
                  setCachePolicy, c=org.jboss.util.TimedCachePolicy@1e8614a

                  [ INFO] 19:27 (JaasSecurityManagerService.java:lookupSecurityDomain:472)
                  Added jbossmq, org.jboss.security.plugins.SecurityDomainContext@14b52aa to map

                  [ INFO] 19:28 (JaasSecurityManagerService.java:newSecurityDomainCtx:494)
                  Created securityMgr=org.jboss.security.plugins.JaasSecurityManager@1443628

                  [DEBUG] 19:28 (JaasSecurityManager.java:setCachePolicy:181)
                  CachePolicy set to: org.jboss.util.TimedCachePolicy@13f903b

                  [ INFO] 19:28 (JaasSecurityManagerService.java:setSecurityDomainCache:451)
                  setCachePolicy, c=org.jboss.util.TimedCachePolicy@13f903b

                  [ INFO] 19:28 (JaasSecurityManagerService.java:lookupSecurityDomain:472)
                  Added JmsXARealm, org.jboss.security.plugins.SecurityDomainContext@164a8c to map


                  [DEBUG] 19:29 (AbstractWebContainer.java:init:276)
                  Begin init

                  [DEBUG] 19:29 (AbstractWebContainer.java:init:353)
                  End init

                  [DEBUG] 19:29 (AbstractWebContainer.java:start:418)
                  webContext: null

                  [DEBUG] 19:29 (AbstractWebContainer.java:start:419)
                  warURL: file:/C:/tools/jboss-3.2.3/server/default/deploy/express.war/

                  [DEBUG] 19:29 (AbstractWebContainer.java:start:420)
                  webAppParser: org.jboss.web.AbstractWebContainer$DescriptorParser@7cb66a

                  [ INFO] 19:29 (EmbeddedTomcatService.java:performDeploy:306)
                  deploy, ctxPath=/express, warUrl=file:/C:/tools/jboss-3.2.3/server/default/deplo
                  y/express.war/

                  [DEBUG] 19:30 (EmbeddedTomcatService.java:createWebContext:521)
                  Using session cookies default setting

                  [DEBUG] 19:30 (AbstractWebContainer.java:parseWebAppDescriptors:555)
                  AbstractWebContainer.parseWebAppDescriptors, Begin

                  [DEBUG] 19:30 (AbstractWebContainer.java:parseWebAppDescriptors:563)
                  Creating ENC using ClassLoader: java.net.FactoryURLClassLoader@2465e5

                  [DEBUG] 19:30 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..org.jboss.mx.loading.UnifiedClassLoader3@1df59bd{ url=file:/C:/tools/jboss-3.2
                  .3/server/default/deploy/express.war/ ,addedOrder=35}

                  [DEBUG] 19:30 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..org.jboss.system.server.NoAnnotationURLClassLoader@13f3045

                  [DEBUG] 19:30 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..sun.misc.Launcher$AppClassLoader@e80a59

                  [DEBUG] 19:30 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..sun.misc.Launcher$ExtClassLoader@1ff5ea7

                  [DEBUG] 19:30 (AbstractWebContainer.java:parseWebAppDescriptors:576)
                  Linked java:comp/UserTransaction to JNDI name: UserTransaction

                  [DEBUG] 19:30 (AbstractWebContainer.java:parseWebAppDescriptors:585)
                  addEnvEntries

                  [DEBUG] 19:30 (AbstractWebContainer.java:parseWebAppDescriptors:588)
                  linkResourceEnvRefs

                  [DEBUG] 19:30 (AbstractWebContainer.java:linkResourceEnvRefs:640)
                  Linking 'jms/processStatus' to JNDI name: topic/processStatus

                  [DEBUG] 19:30 (AbstractWebContainer.java:linkResourceEnvRefs:640)
                  Linking 'jms/Wafer2DBQueue' to JNDI name: queue/Wafer2DBQueue

                  [DEBUG] 19:30 (AbstractWebContainer.java:linkResourceEnvRefs:640)
                  Linking 'jms/uploadStatus' to JNDI name: topic/uploadStatus

                  [DEBUG] 19:30 (AbstractWebContainer.java:parseWebAppDescriptors:591)
                  linkResourceRefs

                  [DEBUG] 19:30 (AbstractWebContainer.java:linkResourceRefs:674)
                  Linking 'jdbc/mysql' to JNDI name: java:jdbc/mysql

                  [DEBUG] 19:30 (AbstractWebContainer.java:parseWebAppDescriptors:594)
                  linkEjbRefs

                  [DEBUG] 19:30 (AbstractWebContainer.java:parseWebAppDescriptors:597)
                  linkEjbLocalRefs

                  [DEBUG] 19:30 (AbstractWebContainer.java:parseWebAppDescriptors:600)
                  linkSecurityDomain

                  [DEBUG] 19:30 (AbstractWebContainer.java:linkSecurityDomain:779)
                  Binding security/securityMgr to NullSecurityManager

                  [DEBUG] 19:30 (AbstractWebContainer.java:parseWebAppDescriptors:602)
                  AbstractWebContainer.parseWebAppDescriptors, End

                  [ INFO] 19:31 (Log4jLogger.java:log:149)
                  SingleSignOnContextConfig[/express]: Added certificates -> request attribute Val
                  ve

                  [ INFO] 19:31 (Log4jLogger.java:log:149)
                  SingleSignOnContextConfig[/express]: Configured an authenticator for method FORM


                  [DEBUG] 19:31 (EmbeddedTomcatService.java:lifecycleEvent:536)
                  Context.lifecycleEvent, event=org.apache.catalina.LifecycleEvent[source=Standard
                  Engine[MainEngine].StandardHost[localhost].StandardContext[/express]]

                  [ WARN] 19:31 (EmbeddedTomcatService.java:contextInit:637)
                  Unable to invoke setDelegate on class loader:org.jboss.web.tomcat.tc4.WebCtxLoad
                  er$ENCLoader@20a52f

                  [ INFO] 19:31 (Log4jLogger.java:log:149)
                  StandardManager[/express]: Seeding random number generator class java.security.S
                  ecureRandom

                  [ INFO] 19:31 (Log4jLogger.java:log:149)
                  StandardManager[/express]: Seeding of random number generator has been completed


                  [ INFO] 19:31 (Log4jLogger.java:log:149)
                  Loading root WebApplicationContext

                  [DEBUG] 19:35 (JMSTemplate.java:subscribeToTopicNonDurable:141)
                  Looked up topic with name 'java:comp/env/jms/uploadStatus'

                  [DEBUG] 19:35 (JMSTemplate.java:subscribeToTopicNonDurable:150)
                  MessageListener [com.testAdvantage.webapp.listener.StartupJMSStatusQueueListener
                  $UploadStatusListener@e2d0ab] subscribed OK to topic with name 'java:comp/env/jm
                  s/uploadStatus'

                  [DEBUG] 19:35 (JMSTemplate.java:subscribeToTopicNonDurable:141)
                  Looked up topic with name 'java:comp/env/jms/processStatus'

                  [DEBUG] 19:35 (JMSTemplate.java:subscribeToTopicNonDurable:150)
                  MessageListener [com.testAdvantage.webapp.listener.StartupJMSStatusQueueListener
                  $ProcessStatusListener@1e2350a] subscribed OK to topic with name 'java:comp/env/
                  jms/processStatus'

                  [ INFO] 19:35 (Log4jLogger.java:log:149)
                  StandardWrapper[/express:default]: Loading container servlet default

                  [DEBUG] 19:35 (ActionServlet.java:initServlet:1118)
                  Scanning web.xml for controller servlet mapping

                  [DEBUG] 19:35 (ActionServlet.java:addServletMapping:490)
                  Process servletName=action, urlPattern=*.do

                  [DEBUG] 19:35 (ActionServlet.java:addServletMapping:490)
                  Process servletName=register, urlPattern=/register/*

                  [DEBUG] 19:35 (ActionServlet.java:addServletMapping:490)
                  Process servletName=register, urlPattern=/passwordHint/*

                  [DEBUG] 19:35 (ActionServlet.java:addServletMapping:490)
                  Process servletName=login, urlPattern=/security/authorize/*

                  [DEBUG] 19:36 (ActionServlet.java:initServlet:1151)
                  Mapping for servlet 'action' = '*.do'

                  [DEBUG] 19:36 (ActionServlet.java:initModuleConfig:683)
                  Initializing module path '' configuration from '/WEB-INF/struts-config.xml'

                  [DEBUG] 19:36 (ActionServlet.java:initModuleMessageResources:905)
                  Initializing module path '' message resources from 'ApplicationResources'

                  [DEBUG] 19:36 (ActionServlet.java:initModuleDataSources:794)
                  Initializing module path '' data sources

                  [DEBUG] 19:36 (ActionServlet.java:initModulePlugIns:844)
                  Initializing module path '' plug ins

                  [DEBUG] 19:37 (ActionServlet.java:initModuleConfig:683)
                  Initializing module path '/upload' configuration from '/WEB-INF/struts-upload.xm
                  l'

                  [DEBUG] 19:37 (ActionServlet.java:initModuleMessageResources:905)
                  Initializing module path '/upload' message resources from 'UploadResources'

                  [DEBUG] 19:37 (ActionServlet.java:initModuleDataSources:794)
                  Initializing module path '/upload' data sources

                  [DEBUG] 19:37 (ActionServlet.java:initModulePlugIns:844)
                  Initializing module path '/upload' plug ins

                  [ INFO] 19:37 (Log4jLogger.java:log:149)
                  StandardWrapper[/express:invoker]: Loading container servlet invoker

                  [DEBUG] 19:37 (EmbeddedTomcatService.java:performDeploy:310)
                  Initialized: {WebApplication: /C:/tools/jboss-3.2.3/server/default/deploy/expres
                  s.war/, URL: file:/C:/tools/jboss-3.2.3/server/default/deploy/express.war/, clas
                  sLoader: java.net.FactoryURLClassLoader@2465e5:2385381}

                  [DEBUG] 19:37 (AbstractWebContainer.java:init:276)
                  Begin init

                  [DEBUG] 19:37 (AbstractWebContainer.java:init:353)
                  End init

                  [DEBUG] 19:37 (AbstractWebContainer.java:start:418)
                  webContext: null

                  [DEBUG] 19:37 (AbstractWebContainer.java:start:419)
                  warURL: file:/C:/tools/jboss-3.2.3/server/default/deploy/jmx-console.war/

                  [DEBUG] 19:37 (AbstractWebContainer.java:start:420)
                  webAppParser: org.jboss.web.AbstractWebContainer$DescriptorParser@16091de

                  [ INFO] 19:37 (EmbeddedTomcatService.java:performDeploy:306)
                  deploy, ctxPath=/jmx-console, warUrl=file:/C:/tools/jboss-3.2.3/server/default/d
                  eploy/jmx-console.war/

                  [DEBUG] 19:37 (EmbeddedTomcatService.java:createWebContext:521)
                  Using session cookies default setting

                  [DEBUG] 19:37 (AbstractWebContainer.java:parseWebAppDescriptors:555)
                  AbstractWebContainer.parseWebAppDescriptors, Begin

                  [DEBUG] 19:37 (AbstractWebContainer.java:parseWebAppDescriptors:563)
                  Creating ENC using ClassLoader: java.net.FactoryURLClassLoader@108b095

                  [DEBUG] 19:37 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..org.jboss.mx.loading.UnifiedClassLoader3@1743be{ url=file:/C:/tools/jboss-3.2.
                  3/server/default/deploy/jmx-console.war/ ,addedOrder=36}

                  [DEBUG] 19:37 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..org.jboss.system.server.NoAnnotationURLClassLoader@13f3045

                  [DEBUG] 19:37 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..sun.misc.Launcher$AppClassLoader@e80a59

                  [DEBUG] 19:37 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..sun.misc.Launcher$ExtClassLoader@1ff5ea7

                  [DEBUG] 19:37 (AbstractWebContainer.java:parseWebAppDescriptors:576)
                  Linked java:comp/UserTransaction to JNDI name: UserTransaction

                  [DEBUG] 19:37 (AbstractWebContainer.java:parseWebAppDescriptors:585)
                  addEnvEntries

                  [DEBUG] 19:37 (AbstractWebContainer.java:parseWebAppDescriptors:588)
                  linkResourceEnvRefs

                  [DEBUG] 19:37 (AbstractWebContainer.java:parseWebAppDescriptors:591)
                  linkResourceRefs

                  [DEBUG] 19:37 (AbstractWebContainer.java:parseWebAppDescriptors:594)
                  linkEjbRefs

                  [DEBUG] 19:37 (AbstractWebContainer.java:parseWebAppDescriptors:597)
                  linkEjbLocalRefs

                  [DEBUG] 19:37 (AbstractWebContainer.java:parseWebAppDescriptors:600)
                  linkSecurityDomain

                  [DEBUG] 19:37 (AbstractWebContainer.java:linkSecurityDomain:779)
                  Binding security/securityMgr to NullSecurityManager

                  [DEBUG] 19:37 (AbstractWebContainer.java:parseWebAppDescriptors:602)
                  AbstractWebContainer.parseWebAppDescriptors, End

                  [ INFO] 19:37 (Log4jLogger.java:log:149)
                  SingleSignOnContextConfig[/jmx-console]: Added certificates -> request attribute
                  Valve

                  [DEBUG] 19:37 (EmbeddedTomcatService.java:lifecycleEvent:536)
                  Context.lifecycleEvent, event=org.apache.catalina.LifecycleEvent[source=Standard
                  Engine[MainEngine].StandardHost[localhost].StandardContext[/jmx-console]]

                  [ WARN] 19:37 (EmbeddedTomcatService.java:contextInit:637)
                  Unable to invoke setDelegate on class loader:org.jboss.web.tomcat.tc4.WebCtxLoad
                  er$ENCLoader@1219b8c

                  [ INFO] 19:37 (Log4jLogger.java:log:149)
                  StandardManager[/jmx-console]: Seeding random number generator class java.securi
                  ty.SecureRandom

                  [ INFO] 19:37 (Log4jLogger.java:log:149)
                  StandardManager[/jmx-console]: Seeding of random number generator has been compl
                  eted

                  [ INFO] 19:37 (Log4jLogger.java:log:149)
                  StandardWrapper[/jmx-console:default]: Loading container servlet default

                  [ INFO] 19:37 (Log4jLogger.java:log:149)
                  StandardWrapper[/jmx-console:invoker]: Loading container servlet invoker

                  [DEBUG] 19:37 (EmbeddedTomcatService.java:performDeploy:310)
                  Initialized: {WebApplication: /C:/tools/jboss-3.2.3/server/default/deploy/jmx-co
                  nsole.war/, URL: file:/C:/tools/jboss-3.2.3/server/default/deploy/jmx-console.wa
                  r/, classLoader: java.net.FactoryURLClassLoader@108b095:17346709}

                  [DEBUG] 19:37 (AbstractWebContainer.java:init:276)
                  Begin init

                  [DEBUG] 19:37 (AbstractWebContainer.java:init:299)
                  Unpacking war to: C:\tools\jboss-3.2.3\server\default\tmp\deploy\tmp10693web-con
                  sole.war

                  [DEBUG] 19:38 (AbstractWebContainer.java:init:303)
                  Replaced war with unpacked contents

                  [DEBUG] 19:38 (AbstractWebContainer.java:init:307)
                  Deleted war archive

                  [DEBUG] 19:38 (AbstractWebContainer.java:init:353)
                  End init

                  [DEBUG] 19:38 (AbstractWebContainer.java:start:418)
                  webContext: null

                  [DEBUG] 19:38 (AbstractWebContainer.java:start:419)
                  warURL: file:/C:/tools/jboss-3.2.3/server/default/tmp/deploy/tmp10693web-console
                  .war/

                  [DEBUG] 19:38 (AbstractWebContainer.java:start:420)
                  webAppParser: org.jboss.web.AbstractWebContainer$DescriptorParser@5ec940

                  [ INFO] 19:38 (EmbeddedTomcatService.java:performDeploy:306)
                  deploy, ctxPath=/web-console, warUrl=file:/C:/tools/jboss-3.2.3/server/default/t
                  mp/deploy/tmp10693web-console.war/

                  [DEBUG] 19:38 (EmbeddedTomcatService.java:createWebContext:521)
                  Using session cookies default setting

                  [DEBUG] 19:38 (AbstractWebContainer.java:parseWebAppDescriptors:555)
                  AbstractWebContainer.parseWebAppDescriptors, Begin

                  [DEBUG] 19:38 (AbstractWebContainer.java:parseWebAppDescriptors:563)
                  Creating ENC using ClassLoader: java.net.FactoryURLClassLoader@eeb406

                  [DEBUG] 19:38 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..org.jboss.mx.loading.UnifiedClassLoader3@551ee3{ url=file:/C:/tools/jboss-3.2.
                  3/server/default/tmp/deploy/tmp10693web-console.war/ ,addedOrder=37}

                  [DEBUG] 19:38 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..org.jboss.system.server.NoAnnotationURLClassLoader@13f3045

                  [DEBUG] 19:38 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..sun.misc.Launcher$AppClassLoader@e80a59

                  [DEBUG] 19:38 (AbstractWebContainer.java:parseWebAppDescriptors:567)
                  ..sun.misc.Launcher$ExtClassLoader@1ff5ea7

                  [DEBUG] 19:38 (AbstractWebContainer.java:parseWebAppDescriptors:576)
                  Linked java:comp/UserTransaction to JNDI name: UserTransaction

                  [DEBUG] 19:38 (AbstractWebContainer.java:parseWebAppDescriptors:585)
                  addEnvEntries

                  [DEBUG] 19:38 (AbstractWebContainer.java:parseWebAppDescriptors:588)
                  linkResourceEnvRefs

                  [DEBUG] 19:38 (AbstractWebContainer.java:parseWebAppDescriptors:591)
                  linkResourceRefs

                  [DEBUG] 19:38 (AbstractWebContainer.java:parseWebAppDescriptors:594)
                  linkEjbRefs

                  [DEBUG] 19:38 (AbstractWebContainer.java:parseWebAppDescriptors:597)
                  linkEjbLocalRefs

                  [DEBUG] 19:38 (AbstractWebContainer.java:parseWebAppDescriptors:600)
                  linkSecurityDomain

                  [DEBUG] 19:38 (AbstractWebContainer.java:linkSecurityDomain:779)
                  Binding security/securityMgr to NullSecurityManager

                  [DEBUG] 19:38 (AbstractWebContainer.java:parseWebAppDescriptors:602)
                  AbstractWebContainer.parseWebAppDescriptors, End

                  [ INFO] 19:38 (Log4jLogger.java:log:149)
                  SingleSignOnContextConfig[/web-console]: Added certificates -> request attribute
                  Valve

                  [DEBUG] 19:38 (EmbeddedTomcatService.java:lifecycleEvent:536)
                  Context.lifecycleEvent, event=org.apache.catalina.LifecycleEvent[source=Standard
                  Engine[MainEngine].StandardHost[localhost].StandardContext[/web-console]]

                  [ WARN] 19:38 (EmbeddedTomcatService.java:contextInit:637)
                  Unable to invoke setDelegate on class loader:org.jboss.web.tomcat.tc4.WebCtxLoad
                  er$ENCLoader@1ee4dbe

                  [ INFO] 19:38 (Log4jLogger.java:log:149)
                  StandardManager[/web-console]: Seeding random number generator class java.securi
                  ty.SecureRandom

                  [ INFO] 19:38 (Log4jLogger.java:log:149)
                  StandardManager[/web-console]: Seeding of random number generator has been compl
                  eted

                  [ INFO] 19:38 (Log4jLogger.java:log:149)
                  StandardWrapper[/web-console:default]: Loading container servlet default

                  [ INFO] 19:39 (Log4jLogger.java:log:149)
                  StandardWrapper[/web-console:invoker]: Loading container servlet invoker

                  [DEBUG] 19:39 (EmbeddedTomcatService.java:performDeploy:310)
                  Initialized: {WebApplication: /C:/tools/jboss-3.2.3/server/default/tmp/deploy/tm
                  p10693web-console.war/, URL: file:/C:/tools/jboss-3.2.3/server/default/tmp/deplo
                  y/tmp10693web-console.war/, classLoader: java.net.FactoryURLClassLoader@eeb406:1
                  5643654}

                  • 7. Re: JBoss Security Roles Problem.... everyone is admin!
                    Adrian Brock Master

                    It says it is using the NullSecurityManager.

                    Do you have
                    <jboss-web>
                    <security-domain>express</security-domain>
                    etc.

                    in your WEB-INF/jboss-web.xml?

                    Regards,
                    Adrian

                    • 9. Re: JBoss Security Roles Problem.... everyone is admin!
                      Rick Hightower Newbie

                      The good news is I can't login which means I am not using the NullSecurityManager. The bad news is I can't login. I get the following exception:

                      javax.naming.NamingException: Could not dereference object [Root exception is ja
                      vax.naming.NameNotFoundException: express not bound]
                      at org.jnp.interfaces.NamingContext.resolveLink(NamingContext.java:970)
                      at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:613)
                      at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:507)
                      at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBos
                      sSecurityMgrRealm.java:276)
                      at org.jboss.web.tomcat.tc4.authenticator.FormAuthenticator.authenticate
                      (FormAuthenticator.java:320)
                      at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
                      torBase.java:481)
                      at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
                      t.invokeNext(StandardPipeline.java:641)
                      at org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve
                      .java:246)
                      at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
                      t.invokeNext(StandardPipeline.java:641)
                      at org.jboss.web.tomcat.tc4.statistics.ContainerStatsValve.invoke(Contai
                      nerStatsValve.java:76)
                      at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
                      t.invokeNext(StandardPipeline.java:641)
                      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.jav
                      a:480)
                      at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)

                      at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:
                      2417)
                      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
                      ava:180)
                      at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
                      t.invokeNext(StandardPipeline.java:643)
                      at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatche
                      rValve.java:171)
                      at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
                      t.invokeNext(StandardPipeline.java:641)
                      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
                      ava:172)
                      at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
                      t.invokeNext(StandardPipeline.java:641)
                      at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(Securit
                      yAssociationValve.java:65)
                      at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
                      t.invokeNext(StandardPipeline.java:641)
                      at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:
                      577)
                      at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
                      t.invokeNext(StandardPipeline.java:641)
                      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.jav
                      a:480)
                      at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)

                      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
                      ve.java:174)
                      at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
                      t.invokeNext(StandardPipeline.java:643)
                      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.jav
                      a:480)
                      at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)

                      at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:19
                      7)
                      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java
                      :781)
                      at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proce
                      ssConnection(Http11Protocol.java:549)
                      at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java
                      :605)
                      at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadP
                      ool.java:677)
                      at java.lang.Thread.run(Thread.java:534)
                      Caused by: javax.naming.NameNotFoundException: express not bound
                      at org.jnp.server.NamingServer.getBinding(NamingServer.java:495)
                      at org.jnp.server.NamingServer.getBinding(NamingServer.java:503)
                      at org.jnp.server.NamingServer.getObject(NamingServer.java:509)
                      at org.jnp.server.NamingServer.lookup(NamingServer.java:282)
                      at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:528)
                      at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:507)
                      at javax.naming.InitialContext.lookup(InitialContext.java:347)
                      at org.jnp.interfaces.NamingContext.resolveLink(NamingContext.java:964)

                      • 10. Re: JBoss Security Roles Problem.... everyone is admin!
                        Adrian Brock Master

                        Apologies, I gave you a bum steer.

                        It should be
                        <security-domain>java:/jaas/express</security-domain>

                        Where "express" is your login-config application policy name?

                        Regards,
                        Adrian

                        • 11. Re: JBoss Security Roles Problem.... everyone is admin!
                          Rick Hightower Newbie

                          Apologies, heck! You ROCK! Thanks for your help.

                          Cool. I'll try it.

                          • 12. Re: JBoss Security Roles Problem.... everyone is admin!
                            Rick Hightower Newbie

                            I was missing the java:/ in front of jdbc/mysql....

                            <module-option name = "dsJndiName">java:/jdbc/mysql</module-option>

                            • 13. Re: JBoss Security Roles Problem.... everyone is admin!
                              Rick Hightower Newbie

                              [DEBUG] 32:04 (JaasSecurityManager.java:authenticate:458)
                              Login failure

                              javax.security.auth.login.FailedLoginException: Password Incorrect/Password Requ
                              ired
                              at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(Usernam
                              ePasswordLoginModule.java:154)
                              at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                              at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
                              java:39)
                              at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
                              sorImpl.java:25)
                              at java.lang.reflect.Method.invoke(Method.java:324)
                              at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
                              at javax.security.auth.login.LoginContext.access$000(LoginContext.java:1
                              29)
                              at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
                              at java.security.AccessController.doPrivileged(Native Method)
                              at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java

                              • 14. Re: JBoss Security Roles Problem.... everyone is admin!
                                Rick Hightower Newbie

                                Thank you. Thank you. Thank you. It looks like it is finally working..... YEAH!

                                Turns out I did not want to use any encryption because the Servlet in my system already does it as well. Here is the final jboss-web.xml

                                <?xml version="1.0" encoding="UTF-8"?>
                                <!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 2.3//EN" "http://www.jboss.org/j2ee/dtd/jboss-web_3_0.dtd">

                                <jboss-web>

                                <!-- Resource Environment References -->
                                <security-domain>java:/jaas/expressDomain</security-domain>
                                <!-- JMS Queues and Topcis -->
                                .
                                .
                                .
                                </jboss-web>

                                Here is the final security domain setup....

                                <application-policy name = "expressDomain">


                                <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
                                flag = "required">
                                <module-option name = "dsJndiName">java:/jdbc/mysql</module-option>
                                <module-option name = "principalsQuery">
                                select passwrd from app_user where username=?
                                </module-option>
                                <module-option name = "rolesQuery">
                                select role_name, 'Roles' from user_role where username=?
                                </module-option>
                                <!-- <module-option name="hashAlgorithm">SHA</module-option> -->
                                <!-- module-option name="hashEncoding">base64</module-option -->

                                </login-module>

                                </application-policy>


                                Thanks again!

                                Rick Hightower