0 Replies Latest reply: Feb 17, 2013 6:19 AM by 966664 RSS

    isUserInRole sometimes returns false

    966664
      I'm developing my first Jsf, Jaas, JPA, JBoss application and now I have this trouble. I created two security domains in JBoss:

      <security-domain name="Database" cache-type="default">
      <authentication>
      <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
      <module-option name="dsJndiName" value="java:jboss/JaasDS"/>
      <module-option name="principalsQuery" value="select password from user where mail=?"/>
      <module-option name="rolesQuery" value="select role, 'Roles' from user u where u.mail=?"/>
      </login-module>
      </authentication>
      </security-domain>
      <security-domain name="Custom" cache-type="default">
      <authentication>
      <login-module code="demo.SampleLoginModule" flag="required"/>
      </authentication>
      </security-domain>

      If I use "Database" domain everything works, while if I use a "Custom" domain I can not set the role to the principal.

      My SampleLoginModule

      public class SampleLoginModule implements LoginModule {
      private String username;
      private String password;

      private SamplePrincipal userPrincipal;

      public boolean login() throws LoginException {
      //Here i check the credentials
      }

      public boolean commit() throws LoginException {
      //Here i add principal to subject

      userPrincipal.setName("username");

      if (!(subject.getPrincipals().contains(userPrincipal)))
      subject.getPrincipals().add(userPrincipal);
      }
      }
      }


      MySimplePrincipal

      public class SamplePrincipal implements Principal {
      private String name;

      public SamplePrincipal() {
      super();
      }

      public String getName() {
      return name;
      }
      public void setName(String name) {
      this.name = name;
      }
      }

      I would add a role to a principal within of the method commit because isUserInRole otherwise return false.

      How can I do this?