here's some free code that should output the roles a user has. Make the change to use your jaas login module first, then worry if you still cannot access the dash. And remember to change the login-config.xml in the portal.sar/conf to use you new module. let me know how you get on... Mat | package gov.tfl.ors.portal.security; | | import java.security.Principal; | import java.util.Enumeration; | import java.util.Map; | import java.util.Set; | | import javax.security.auth.Subject; | import javax.security.auth.callback.CallbackHandler; | import javax.security.auth.login.LoginException; | | import org.jboss.portal.identity.auth.DBIdentityLoginModule; | import org.jboss.security.SimpleGroup; | | public class MyDBIdentityLoginModule extends DBIdentityLoginModule { | | @Override | public void initialize(Subject arg0, CallbackHandler arg1, Map<String, ?> arg2, Map<String, ?> arg3) { | super.initialize(subject, callbackHandler, sharedState, options); | } | | @Override | public boolean login() throws LoginException { | return super.login(); | //now the protected variable "subject" has been set | } | | @Override | public boolean commit() throws LoginException { | boolean result=super.commit(); | Enumeration<Principal> roles=getRoles(); | while (roles.hasMoreElements()) { | Principal principal=roles.nextElement(); | System.out.println(principal.getName()); | } | return result; | } | | private Enumeration<Principal> getRoles() throws LoginException{ | for (Principal principal : subject.getPrincipals()) { | if (principal instanceof SimpleGroup && "Roles".equals(principal.getName())){ | return ((SimpleGroup)principal).members(); | } | } | throw new LoginException("unable to find roles for user "+ getUsername()); | } | } | View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4231813#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...