Java Development Tools

Hi,

I am on jdev 11.1.2.4 (ADF Essentials) and using shiro security.

I've developed an application which uses apache shiro for security. This application is deployed on glassfish server (3.1.2) and using MySQL DB.

On one of my (Windows 7) PCs, when I deploy the application on glassfish and run the login page, I get "Invalid username/password combination" error (thrown in the login method below) it works fine on integrated weblogic server. (This was working fine on glassfish server and I was having no issues).

However, on a different PC, its the other way round. ie. its working on glassfish but getting the error on integrated weblogic server.

In a different application (using same configuration), its working on both integrated weblogic and Glassfish servers (so far).

my shiro.ini configuration is

[main]
user = com.technoserve.cms.view.filter.FacesAjaxAwareUserFilter
shiro.loginUrl = /faces/Login.jsf
user.loginUrl = /faces/Login.jsf
# DataSource config
ds = org.apache.shiro.jndi.JndiObjectFactory
ds.requiredType = javax.sql.DataSource
ds.resourceName = jdbc/CmsDS
# JDBC realm config
jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.permissionsLookupEnabled = true
# Configure JDBC realm SQL queries.
jdbcRealm.authenticationQuery = SELECT password FROM cms.users WHERE user_name = ?
jdbcRealm.userRolesQuery = SELECT role FROM cms.roles, cms.user_roles, cms.users WHERE roles.id = user_roles.role_id and users.id = user_roles.user_id and users.user_name = ?
jdbcRealm.permissionsQuery = SELECT permission FROM cms.permissions, cms.role_permissions, cms.roles WHERE permissions.id = role_permissions.perm_id and roles.id = role_permissions.role_id and roles.role = ?
jdbcRealm.dataSource = $ds
[urls]
/faces/** = user

and login method (called when I press the login button)

public String login() {
        try {
            // attempt login
            SecurityUtils.getSubject().login(new UsernamePasswordToken(userName, password));
            // retrieve the saved request
            HttpServletRequest request = (HttpServletRequest)(FacesContext.getCurrentInstance().getExternalContext().getRequest());
            SavedRequest savedRequest = WebUtils.getAndClearSavedRequest(request);
            // get external context in order to redirect
            ExternalContext externalContext = FacesContext.getCurrentInstance().getExternalContext();
            if (savedRequest != null) {
                logger.fine("Retrieved saved URL '" + savedRequest.getRequestUrl() + "', redirecting");
                externalContext.redirect(savedRequest.getRequestUrl());
            } else {
                logger.fine("No URL retrieved, redirecting to HOME_URL: " + HOME_URL);
                externalContext.redirect(HOME_URL);
            }
        } catch (AuthenticationException e) {
            System.out.println("Failed login validation for user " + userName);
               
            FacesMessage msg =
                new FacesMessage(FacesMessage.SEVERITY_ERROR, "Invalid username/password combination", "");
            FacesContext.getCurrentInstance().addMessage(null, msg);
        } catch (Exception e) {
            logger.warning("Unexpected error during login", e);
        }
        return null;
    }

any ideas please?

thanks