jboss DatabaseServerLoginModule用户身份验证问题

Question

我正在使用有关数据库用户的jboss安全性教程，但我遇到了问题，而且我不知道问题出在哪里。

jboss direcotry中的standalone.xml

<security-domain name="databaseDomain">
        <authentication>
            <login-module code="Database" flag="required">
                <module-option name="dsJndiName" value="java:/MySqlDS"/>
                  <module-option name="principalsQuery" value="SELECT password FROM users WHERE username=?"/>
                <module-option name="rolesQuery" value="SELECT role, 'Roles' FROM roles WHERE username=?"/>
            </login-module>
        </authentication>
    </security-domain>

我的web.xml

 <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
      <form-login-page>/login.html</form-login-page>
      <form-error-page>/error.html</form-error-page>
    </form-login-config>
  </login-config>
  <security-role>
        <role-name>user</role-name>
    </security-role>
    <security-role>
        <role-name>admin</role-name>
    </security-role>
  <security-constraint>
        <web-resource-collection>
            <web-resource-name>Secret area</web-resource-name>
            <url-pattern>/secure</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>admin</role-name>
        </auth-constraint>
    </security-constraint>
</web-app>

jboss web xml

<jboss-web>
    <security-domain>databaseDomain</security-domain>
</jboss-web>

的persistence.xml

<persistence version="2.1" xmlns="http://xmlns.jcp.org/xml/ns/persistence" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/persistence http://xmlns.jcp.org/xml/ns/persistence/persistence_2_1.xsd">
    <persistence-unit name="Security">
    <jta-data-source>java:/MySqlDS</jta-data-source>
    <properties>
    <property name="javax.persistence.schema-generation.database.action" value="drop-and-create"/>
    </properties>
    </persistence-unit>
</persistence>

我的实体用户：

@Entity
public class User {
    @Id
    private String username;
    private String password;
    @ElementCollection
    @CollectionTable(name = "roles", joinColumns = @JoinColumn(name = "username", referencedColumnName = "username"))
    @Column(name = "role")
    private Set<String> roles = new HashSet<>();

    public User(String name, String password, String role) {
        this.username = name;
        this.password = password;
        this.roles.add(role);
    }

    public User() { 
    }
...setters and getters

现在让我们开始添加用户并尝试登录....

my database before adding user

my index start page

现在让我们输入注册表格

register form

现在允许在添加用户后检查数据库，检查表角色和用户

user table after adding

role table after adding

现在让我们尝试登录

now we enter secured servlet

即时输入用户和密码，然后重定向到错误页面

login error page

这是我在web.xml中使用的安全servlet

@WebServlet("/secure")
public class Secure extends HttpServlet {
    private static final long serialVersionUID = 1L;

    public Secure() {
    }
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        Principal userPrincipal = request.getUserPrincipal();
        String name = userPrincipal.getName();
        response.getWriter().println("welcome: " + name);
    }
}

你能帮忙吗，我做错了什么？