0 Replies Latest reply on Jan 10, 2006 3:15 AM by Efrat Bar-Nahum

    Problems with isUserInRole and commit() method

    Efrat Bar-Nahum Newbie


      I'm using JAAS with JBoss for my web application.
      I'm trying to implement my own login module, and I want to extend from DatabaseServerLoginModule.

      In the login-config.xml I use:

      <application-policy name="ImagineModule">
       <login-module code="com.imagine.security.ImagineLoginModule"
       <module-option name="dsJndiName">java:/MySqlDS</module-option>
       <module-option name="principalsQuery">select passwd from User where username=?</module-option>
       <module-option name="rolesQuery">select userRoles,'Roles' from userrole where userName=?</module-option>

      In my web.xml:
       <display-name>require valid user</display-name>
       <web-resource-name>EM application</web-resource-name>
       <realm-name>EM Application</realm-name>

      I have few questions:
      1) Can I write ONLY my own login method (and use the default implementation of the commit)?
      When I try to do so I get failure in the commit and can't login (I get to my form-error-page).
      When I try to use my own commit I manage to get into my application, but when I do
      I get false where I should get true.

      So I'm thinking maybe I'm not implementing the commit well.
      2) How does the isUserInRole work? How do I set the roles?
      In my commit implenemtation I use my own Principals for user and role and do the following:
      subject.getPrincipals().add(new UserPrincipal("admin"));
      subject.getPrincipals().add(new RolePrincipal("Admin"));
      return true;

      How do I use this info later and set it in the session?
      When I add the RolePrincipal to the subject, how is it connected to the role that I ask for in isUserInRole?? (after all, the RolePrincipal is my own class).
      Can someone lead me in with the commit implementaion?
      I know that something is missing, but I don't know what...

      Please help...