2 Replies Latest reply on Nov 14, 2011 10:08 AM by bemtaill

    request.isUserInRole() always returns false

    bemtaill

      Hi All,

       

      I am using JBOSS AS 6 and am bit puzzled by the way the authentication works. I have set up authentication with DatabaseServerLoginModule and have created a user "bemtaill" with a role "ADMIN". Now in a servlet I do the following:

       

       

      {code} request.login("bemtaill", "123"); // passes OK

      request.isUserInRole("ADMIN"); // returns FALSE {code}

       

      But at the same time in the logs I see:

       

      {quote}

      19:03:58,991 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] User 'bemtaill' authenticated, loginOk=true

      19:03:58,991 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] commit, loginOk=true

      19:03:58,991 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] getRoleSets using rolesQuery: select role, role_group from user_roles where username=?, username: bemtaill

      19:03:58,994 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendAnyTransaction

      19:03:58,995 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Excuting query: select role, role_group from user_roles where username=?, with username: bemtaill

      19:03:58,997 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Assign user to role ADMIN

      {quote}

       

       

      How is it possible that the role is assigned but isUserInRole returns false?

       

      Thanks,

      Valery.