upps, yes. I modified the xml file in my server with vnc using notepad editor. | <?xml version='1.0'?> | <!DOCTYPE policy PUBLIC | "-//JBoss//DTD JBOSS Security Config 3.0//EN" | "http://www.jboss.org/j2ee/dtd/security_config.dtd"> | | <!-- The XML based JAAS login configuration read by the | org.jboss.security.auth.login.XMLLoginConfig mbean. Add | an application-policy element for each security domain. | | The outline of the application-policy is: | <application-policy name="security-domain-name"> | <authentication> | <login-module code="login.module1.class.name" flag="control_flag"> | <module-option name = "option1-name">option1-value</module-option> | <module-option name = "option2-name">option2-value</module-option> | ... | </login-module> | | <login-module code="login.module2.class.name" flag="control_flag"> | ... | </login-module> | ... | </authentication> | </application-policy> | | --> | | <policy> | <!-- Used by clients within the application server VM such as | mbeans and servlets that access EJBs. | --> | <application-policy name = "client-login"> | <authentication> | <login-module code = "org.jboss.security.ClientLoginModule" | flag = "required"> | </login-module> | </authentication> | </application-policy> | | <!-- Security domain for JBossMQ --> | <application-policy name = "jbossmq"> | <authentication> | <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" | flag = "required"> | <module-option name = "unauthenticatedIdentity">guest</module-option> | <module-option name = "dsJndiName">java:/DefaultDS</module-option> | <module-option name = "principalsQuery">SELECT PASSWD FROM JMS_USERS WHERE USERID=?</module-option> | <module-option name = "rolesQuery">SELECT ROLEID, 'Roles' FROM JMS_ROLES WHERE USERID=?</module-option> | </login-module> | </authentication> | </application-policy> | | <!-- Security domain for JBossMQ when using file-state-service.xml | <application-policy name = "jbossmq"> | <authentication> | <login-module code = "org.jboss.mq.sm.file.DynamicLoginModule" | flag = "required"> | <module-option name = "unauthenticatedIdentity">guest</module-option> | <module-option name = "sm.objectname">jboss.mq:service=StateManager</module-option> | </login-module> | </authentication> | </application-policy> | --> | | <!-- Security domains for testing new jca framework --> | <application-policy name = "HsqlDbRealm"> | <authentication> | <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule" | flag = "required"> | <module-option name = "principal">sa</module-option> | <module-option name = "userName">sa</module-option> | <module-option name = "password"></module-option> | <module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option> | </login-module> | </authentication> | </application-policy> | | <application-policy name = "JmsXARealm"> | <authentication> | <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule" | flag = "required"> | <module-option name = "principal">guest</module-option> | <module-option name = "userName">guest</module-option> | <module-option name = "password">guest</module-option> | <module-option name = "managedConnectionFactoryName">jboss.jca:service=TxCM,name=JmsXA</module-option> | </login-module> | </authentication> | </application-policy> | | <!-- A template configuration for the jmx-console web application. This | defaults to the UsersRolesLoginModule the same as other and should be | changed to a stronger authentication mechanism as required. | --> | <application-policy name = "jmx-console"> | <authentication> | <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" | flag = "required"> | <module-option name="usersProperties">props/jmx-console-users.properties</module-option> | <module-option name="rolesProperties">props/jmx-console-roles.properties</module-option> | </login-module> | </authentication> | </application-policy> | | <!-- A template configuration for the web-console web application. This | defaults to the UsersRolesLoginModule the same as other and should be | changed to a stronger authentication mechanism as required. | --> | | | <application-policy name = "web-console"> | <authentication> | <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" | flag = "required"> | <module-option name="usersProperties">props/web-console-users.properties</module-option> <module-option name="rolesProperties">props/web-console-roles.properties</module-option> </login-module> | </authentication> | </application-policy | | <!-- A template configuration for the JBossWS web application (and transport layer!). | This defaults to the UsersRolesLoginModule the same as other and should be | changed to a stronger authentication mechanism as required. | --> | <application-policy name="JBossWS"> | <authentication> | <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" | flag="required"> | <module-option name="unauthenticatedIdentity">anonymous</module-option> | </login-module> | </authentication> | </application-policy> | | <!-- The default login configuration used by any security domain that | does not have a application-policy entry with a matching name | --> | <application-policy name = "other"> | <!-- A simple server login module, which can be used when the number | of users is relatively small. It uses two properties files: | users.properties, which holds users (key) and their password (value). | roles.properties, which holds users (key) and a comma-separated list of | their roles (value). | The unauthenticatedIdentity property defines the name of the principal | that will be used when a null username and password are presented as is | the case for an unuathenticated web client or MDB. If you want to | allow such users to be authenticated add the property, e.g., | unauthenticatedIdentity="nobody" | --> | <authentication> | <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule" | flag = "required" /> | </authentication> | </application-policy> | | </policy> | i think the xml is well formed. i´m gonna modify it with other editor. Very much thanks View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4112893#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...