Thanks,Scott Stark.
I don't solve my problem. I've read jaashowto and I follow it. I've the same problem when I use org.jboss.security.auth.spi.UsersRolesLoginModule and also when I use org.jboss.security.auth.spi.DatabaseServerLoginModule. It' s very strange!?
I use a custom server configuration,
my file login-confi.xml is:
<!DOCTYPE policy (View Source for full doctype...)>
- <!-- The JBoss server side JAAS login config file for the examples
-->
-
- <application-policy name="workflow1">
-
- <!--
A properties file LoginModule that supports CallerPrincipal mapping
LoginModule options:


-->
<login-module code="org.jboss.security.ClientLoginModule" flag="required" />
- <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
<module-option name="unauthenticatedIdentity">anonymous</module-option>
</login-module>

</application-policy>
- <application-policy name="workflow2">
-
- <!--
A JDBC based LoginModule
LoginModule options:
dsJndiName: The name of the DataSource of the database containing the Principals, Roles tables
principalsQuery: The prepared statement query equivalent to:
"select Password from Principals where PrincipalID=?"
rolesQuery: The prepared statement query equivalent to:
"select Role, RoleGroup from Roles where PrincipalID=?"
unauthenticatedIdentity: the principal assigned to callers without any authentication info


-->
<login-module code="org.jboss.security.ClientLoginModule" flag="required" />
- <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
<module-option name="dsJndiName">java:/DefaultDS</module-option>
<module-option name="principalsQuery">select Password from Principals where PrincipalID=?</module-option>
<module-option name="rolesQuery">select Role from Roles where PrincipalID=?</module-option>
</login-module>

</application-policy>
- <!-- The security domain for the HSQLDB
-->
- <application-policy name="HsqlDbRealm">
-
- <login-module code="org.jboss.resource.security.ConfiguredIdentityLoginModule" flag="required">
<module-option name="principal">sa</module-option>
<module-option name="userName">sa</module-option>
<module-option name="password" />
<module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
</login-module>

</application-policy>
;

my auth.config in server conf is:
// The JBoss server side JAAS login config file for the examples

workflow1 {
// A properties file LoginModule that supports CallerPrincipal mapping

org.jboss.security.ClientLoginModule required
;
org.jboss.security.auth.spi.UsersRolesLoginModule required
unauthenticatedIdentity=nobody
;
};

workflow2 {
/* A JDBC based LoginModule
LoginModule options:
dsJndiName: The name of the DataSource of the database containing the Principals, Roles tables
principalsQuery: The prepared statement query equivalent to:
"select Password from Principals where PrincipalID=?"
rolesQuery: The prepared statement query equivalent to:
"select Role, RoleGroup from Roles where PrincipalID=?"
*/
org.jboss.security.ClientLoginModule required
;

org.jboss.security.auth.spi.DatabaseServerLoginModule required
dsJndiName="java:/DefaultDS"
principalsQuery="select Password from Principals where PrincipalID=?"
rolesQuery="select Role from Roles where PrincipalID=?"
unauthenticatedIdentity=nobody
;
};

other {

// jBoss LoginModule
org.jboss.security.ClientLoginModule required
;

// Put your login modules that need jBoss here
};

my client config is:
workflow1 {
// A properties file LoginModule that supports CallerPrincipal mapping

org.jboss.security.ClientLoginModule required
;
org.jboss.security.auth.spi.UsersRolesLoginModule required
;
};

workflow2 {
/* A JDBC based LoginModule
LoginModule options:
dsJndiName: The name of the DataSource of the database containing the Principals, Roles tables
principalsQuery: The prepared statement query equivalent to:
"select Password from Principals where PrincipalID=?"
rolesQuery: The prepared statement query equivalent to:
"select Role, RoleGroup from Roles where PrincipalID=?"
*/
org.jboss.security.ClientLoginModule required
;

org.jboss.security.auth.spi.DatabaseServerLoginModule required
;
};

other {

// jBoss LoginModule
org.jboss.security.ClientLoginModule required
;

// Put your login modules that need jBoss here
};
I put file users.properities and roles.properties in jar file and in directory server and client but I've ever the same error.

My client code .java is:
public class LoginClient {


private ap.com.tesi.session.LoginAccessHome getHome() throws NamingException {
return (ap.com.tesi.session.LoginAccessHome) getContext().lookup(
ap.com.tesi.session.LoginAccessHome.JNDI_NAME);
}
private InitialContext getContext() throws NamingException {
Hashtable props = new Hashtable();
props.put(InitialContext.INITIAL_CONTEXT_FACTORY,
"org.jnp.interfaces.NamingContextFactory");
props.put(InitialContext.PROVIDER_URL, "jnp://127.0.0.1:1099");
// This establishes the security for authorization/authentication
// props.put(InitialContext.SECURITY_PRINCIPAL,"username");
// props.put(InitialContext.SECURITY_CREDENTIALS,"password");
InitialContext initialContext = new InitialContext(props);
return initialContext;
}


public String testBean() {
LoginContext lc = null;
SimplePrincipal user=null;
try {
String a=JOptionPane.showInputDialog("Inserisci il nome");
String b=JOptionPane.showInputDialog("Inserisci la password");
String name = a;
char[] password = b.toCharArray();
AppCallbackHandler handler = new AppCallbackHandler(name,password);

lc = new LoginContext("workflow2",(CallbackHandler)handler);

System.out.println("Created LoginContext");
lc.login();
}
catch (LoginException le)
{
System.out.println("Login failed");
le.printStackTrace();
}




//altrimrnti: Autenticazione riuscita!
System.out.println("Autenticazione riuscita!");



I am very unhappy because I'm working to solve this problem by a week!!!
Please help me,
Thanks in advance Raf

I forget to inser the error. When I run the client, it give me:
Exception in thread "main" java.lang.SecurityException: Impossibile trovare una configurazione di login
at com.sun.security.auth.login.ConfigFile.(ConfigFile.java:97)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:274)
at java.lang.Class.newInstance0(Class.java:308)
at java.lang.Class.newInstance(Class.java:261)
at javax.security.auth.login.Configuration$3.run(Configuration.java:221)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.Configuration.getConfiguration(Configuration.java:215)
at javax.security.auth.login.LoginContext$1.run(LoginContext.java:170)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.init(LoginContext.java:167)
at javax.security.auth.login.LoginContext.(LoginContext.java:404)
at ap.com.tesi.client.LoginClient.testBean(LoginClient.java:65)
at ap.com.tesi.client.LoginClient.main(LoginClient.java:147)
Caused by: java.io.IOException: Impossibile trovare una configurazione di login
at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:206)
at com.sun.security.auth.login.ConfigFile.(ConfigFile.java:95)
... 15 more.
I'm using Jboss 3.2.3.
Thanks for yours helps!!!
Raf

Thanks very much morenito!!