1 Reply Latest reply on Jun 7, 2004 12:14 PM by Scott Stark

    servlet to login a user as guets

    remowaller Newbie

      I would like to give unregistered user acces to my webapp. therefore I would like to to create an user (guest) with the role guest. This is already done.
      but now there's a problem:
      because I've stored the role in the db, I have to login the guest-user automatically as a user with the guest-role. Therefor I would like to write a GuestLoginServlet, which only authorized this user as guest, that the method:
      isUserInRole("guest") return true!
      But how should I do that?
      (by the way, I've got a solution with constraints in the web.xml, but that could'nt be the right solution).

      Is there a possibility to login a user in a servlet? or can I determine a default role, which a not authorized user has? and where do I have to determine this role and has this role to exist in the db?
      my login-config.xml looks as following:

      <application-policy name = "adminDomain">

      <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
      <module-option name = "dsJndiName">java:/DefaultDS</module-option>
      <module-option name = "principalsQuery">select password from users where login=?</module-option>
      <module-option name = "rolesQuery">select role, 'Roles' from roles where login=?</module-option>
      </login-module>

      </application-policy>


      Thank a lot for any hints...