Why the Role fail to set to the user? Error Message After Login HTTP Status 403 - Access to the requested resource has been denied -------------------------------------------------------------------------------- type Status report message Access to the requested resource has been denied description Access to the specified resource (Access to the requested resource has been denied) has been forbidden. ############################################# Here is My Trace Logs LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule ControlFlag: LoginModuleControlFlag: required Options:name=rolesQuery, value=select loyalty.role.role_name as "Role", loyalty.role_type.role_type as "RoleGroup" from loyalty.user, loyalty.role, loyalty.role_type where loyalty.role_type.role_type_id = loyalty.user.role_type_id and loyalty.role_type.role_id = loyalty.role.role_id and loyalty.user.username = ? name=principalsQuery, value=select password from loyalty.user where username = ? name=password-stacking, value=useFirstPass name=unauthenticatedIdentity, value=guest name=additionalRole, value=Authenticated name=factoryJNDIName, value=java:/portal/SessionFactory name=dsJndiName, value=java:PortalDS_postgres 2007-03-29 11:38:25,656 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(portal), authInfo=AppConfigurationEntry[]: [0] LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule ControlFlag: LoginModuleControlFlag: required Options:name=rolesQuery, value=select loyalty.role.role_name as "Role", loyalty.role_type.role_type as "RoleGroup" from loyalty.user, loyalty.role, loyalty.role_type where loyalty.role_type.role_type_id = loyalty.user.role_type_id and loyalty.role_type.role_id = loyalty.role.role_id and loyalty.user.username = ? name=principalsQuery, value=select password from loyalty.user where username = ? name=password-stacking, value=useFirstPass name=unauthenticatedIdentity, value=guest name=additionalRole, value=Authenticated name=factoryJNDIName, value=java:/portal/SessionFactory name=dsJndiName, value=java:PortalDS_postgres 2007-03-29 11:38:25,656 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] initialize, instance=@31147885 2007-03-29 11:38:25,656 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] initialize, instance=@31147885 2007-03-29 11:38:25,656 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Saw unauthenticatedIdentity=guest 2007-03-29 11:38:25,656 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Saw unauthenticatedIdentity=guest 2007-03-29 11:38:25,656 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] DatabaseServerLoginModule, dsJndiName=java:PortalDS_postgres 2007-03-29 11:38:25,656 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] DatabaseServerLoginModule, dsJndiName=java:PortalDS_postgres 2007-03-29 11:38:25,656 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] principalsQuery=select password from loyalty.user where username = ? 2007-03-29 11:38:25,656 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] principalsQuery=select password from loyalty.user where username = ? 2007-03-29 11:38:25,656 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] rolesQuery=select loyalty.role.role_name as "Role", loyalty.role_type.role_type as "RoleGroup" from loyalty.user, loyalty.role, loyalty.role_type where loyalty.role_type.role_type_id = loyalty.user.role_type_id and loyalty.role_type.role_id = loyalty.role.role_id and loyalty.user.username = ? 2007-03-29 11:38:25,656 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] rolesQuery=select loyalty.role.role_name as "Role", loyalty.role_type.role_type as "RoleGroup" from loyalty.user, loyalty.role, loyalty.role_type where loyalty.role_type.role_type_id = loyalty.user.role_type_id and loyalty.role_type.role_id = loyalty.role.role_id and loyalty.user.username = ? 2007-03-29 11:38:25,656 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendResume=true 2007-03-29 11:38:25,656 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendResume=true 2007-03-29 11:38:25,656 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] login 2007-03-29 11:38:25,656 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] login 2007-03-29 11:38:25,656 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendAnyTransaction 2007-03-29 11:38:25,656 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendAnyTransaction 2007-03-29 11:38:25,656 DEBUG [org.jboss.resource.connectionmanager.IdleRemover] internalRegisterPool: registering pool with interval 900000 old interval: 450000 2007-03-29 11:38:25,765 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Excuting query: select password from loyalty.user where username = ?, with username: user 2007-03-29 11:38:25,765 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Excuting query: select password from loyalty.user where username = ?, with username: user 2007-03-29 11:38:25,781 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Obtained user password 2007-03-29 11:38:25,781 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Obtained user password 2007-03-29 11:38:25,781 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] resumeAnyTransaction 2007-03-29 11:38:25,781 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] resumeAnyTransaction 2007-03-29 11:38:25,781 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] User 'user' authenticated, loginOk=true 2007-03-29 11:38:25,781 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] User 'user' authenticated, loginOk=true 2007-03-29 11:38:25,781 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] commit, loginOk=true 2007-03-29 11:38:25,781 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] commit, loginOk=true 2007-03-29 11:38:25,781 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] getRoleSets using rolesQuery: select loyalty.role.role_name as "Role", loyalty.role_type.role_type as "RoleGroup" from loyalty.user, loyalty.role, loyalty.role_type where loyalty.role_type.role_type_id = loyalty.user.role_type_id and loyalty.role_type.role_id = loyalty.role.role_id and loyalty.user.username = ?, username: user 2007-03-29 11:38:25,781 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] getRoleSets using rolesQuery: select loyalty.role.role_name as "Role", loyalty.role_type.role_type as "RoleGroup" from loyalty.user, loyalty.role, loyalty.role_type where loyalty.role_type.role_type_id = loyalty.user.role_type_id and loyalty.role_type.role_id = loyalty.role.role_id and loyalty.user.username = ?, username: user 2007-03-29 11:38:25,781 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendAnyTransaction 2007-03-29 11:38:25,781 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendAnyTransaction 2007-03-29 11:38:25,781 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Excuting query: select loyalty.role.role_name as "Role", loyalty.role_type.role_type as "RoleGroup" from loyalty.user, loyalty.role, loyalty.role_type where loyalty.role_type.role_type_id = loyalty.user.role_type_id and loyalty.role_type.role_id = loyalty.role.role_id and loyalty.user.username = ?, with username: user 2007-03-29 11:38:25,781 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Excuting query: select loyalty.role.role_name as "Role", loyalty.role_type.role_type as "RoleGroup" from loyalty.user, loyalty.role, loyalty.role_type where loyalty.role_type.role_type_id = loyalty.user.role_type_id and loyalty.role_type.role_id = loyalty.role.role_id and loyalty.user.username = ?, with username: user 2007-03-29 11:38:25,796 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Assign user to role User 2007-03-29 11:38:25,796 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Assign user to role User 2007-03-29 11:38:25,796 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Assign user to role Authenticated 2007-03-29 11:38:25,796 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Assign user to role Authenticated 2007-03-29 11:38:25,796 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] resumeAnyTransaction 2007-03-29 11:38:25,796 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] resumeAnyTransaction 2007-03-29 11:38:25,796 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] defaultLogin, lc=javax.security.auth.login.LoginContext@b6585, subject=Subject(3549137).principals=org.jboss.security.SimplePrincipal@19610820(user) 2007-03-29 11:38:25,796 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] defaultLogin, lc=javax.security.auth.login.LoginContext@b6585, subject=Subject(3549137).principals=org.jboss.security.SimplePrincipal@19610820(user) 2007-03-29 11:38:25,796 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] updateCache, inputSubject=Subject(3549137).principals=org.jboss.security.SimplePrincipal@19610820(user), cacheSubject=Subject(24123599).principals=org.jboss.security.SimplePrincipal@19610820(user) 2007-03-29 11:38:25,796 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] updateCache, inputSubject=Subject(3549137).principals=org.jboss.security.SimplePrincipal@19610820(user), cacheSubject=Subject(24123599).principals=org.jboss.security.SimplePrincipal@19610820(user) 2007-03-29 11:38:25,796 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] Inserted cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@6cd243[Subject(24123599).principals=org.jboss.security.SimplePrincipal@19610820(user),credential.class=java.lang.String(a)3945515,expirationTime=1175141305656] 2007-03-29 11:38:25,796 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] Inserted cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@6cd243[Subject(24123599).principals=org.jboss.security.SimplePrincipal@19610820(user),credential.class=java.lang.String(a)3945515,expirationTime=1175141305656] 2007-03-29 11:38:25,796 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] End isValid, true 2007-03-29 11:38:25,796 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] End isValid, true 2007-03-29 11:38:25,796 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject: Principal: user , sc=org.jboss.security.SecurityAssociation$SubjectContext@1ff5976{principal=user,subject=21655743} 2007-03-29 11:38:25,796 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject: Principal: user , sc=org.jboss.security.SecurityAssociation$SubjectContext@1ff5976{principal=user,subject=21655743} 2007-03-29 11:38:25,796 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@6cd243[Subject(24123599).principals=org.jboss.security.SimplePrincipal@19610820(user),credential.class=java.lang.String(a)3945515,expirationTime=1175141305656] 2007-03-29 11:38:25,796 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@6cd243[Subject(24123599).principals=org.jboss.security.SimplePrincipal@19610820(user),credential.class=java.lang.String(a)3945515,expirationTime=1175141305656] 2007-03-29 11:38:25,796 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@1ff5976{principal=user,subject=21655743} 2007-03-29 11:38:25,796 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@1ff5976{principal=user,subject=21655743} 2007-03-29 11:38:25,796 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] getUserRoles, subject: Subject: Principal: user 2007-03-29 11:38:25,796 TRACE [org.jboss.security.plugins.JaasSecurityManager.portal] getUserRoles, subject: Subject: Principal: user 2007-03-29 11:38:25,796 TRACE [org.jboss.security.SecurityAssociation] clear, server=true 2007-03-29 11:38:25,796 TRACE [org.jboss.security.SecurityAssociation] clear, server=true 2007-03-29 11:38:25,812 TRACE [org.jboss.security.SecurityAssociation] clear, server=true 2007-03-29 11:38:25,812 TRACE [org.jboss.security.SecurityAssociation] clear, server=true View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4032616#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...