wood burning stoves 2.0*
The moose likes JBoss/WildFly and the fly likes req.isUserInRole( Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » JBoss/WildFly
Bookmark "req.isUserInRole("admin"); return false??" Watch "req.isUserInRole("admin"); return false??" New topic

req.isUserInRole("admin"); return false??

Jhon Merced

Joined: Feb 24, 2006
Posts: 2
I'm using Jboss4.00 and using JAAS security for authentication and authoriztion of my application.
i setup the web.xml,for the security constraint.
the login-config.xml and jboss-web.xml.

but when i tried to view the req.isUserInRole("admin") the output is false,
can anybody explain me why.
but when i deploy my application in jboss 3.2xxx it returns true.

here's some of my setup
<web-resource-name>Secure Pages</web-resource-name>






<application-policy name = "application">
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
<module-option name = "dsJndiName">java:/MySqlDS</module-option>
<module-option name = "principalsQuery">select password from user where user_id=?</module-option>
<module-option name = "rolesQuery">SELECT role, 'Roles' FROM roles WHERE user_id = ?</module-option>
<module-option name = "unauthenticatedIdentity">guest</module-option>
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 41106
Welcome to JavaRanch.

Just to ask the obvious: Did you actually log in as 'admin' and supply the correct password? Does "req.isUserInRole("guest")" return true?

Ping & DNS - my free Android networking tools app
Jhon Merced

Joined: Feb 24, 2006
Posts: 2
Yes I have supplied the necessary data (username and password, with the admin role).
If you noticed on my post that when i try to deploy my application in jboss version 3.2xxx it returns true.
I think It has something todo with the Jboss version.
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 41106
In that case, let's move this to the JBoss forum, and continue the discussion among the JBoss-savvy folks.
I agree. Here's the link: http://aspose.com/file-tools
subject: req.isUserInRole("admin"); return false??
Similar Threads
[jboss jaas] login-conf.xml configuration
authentication problem
403 access denied error
Certificate based security
Problems with FORM Authentication