diff --git a/account-ui/src/main/webapp/WEB-INF/shiro.ini b/account-ui/src/main/webapp/WEB-INF/shiro.ini
index f841c69..153b226 100644
--- a/account-ui/src/main/webapp/WEB-INF/shiro.ini
+++ b/account-ui/src/main/webapp/WEB-INF/shiro.ini
@@ -25,7 +25,8 @@ passwordMatcher.passwordService = $passwordService
 # JDBC Realm setup
 jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
 jdbcRealm.permissionsLookupEnabled=false
-jdbcRealm.authenticationQuery = select al.account_password from account a, account_login al where al.account = a.id and a.username = ? and status not in ('LOCKED','DELETED')
+# jdbcRealm.authenticationQuery = select al.account_password from account a, account_login al where al.account = a.id and a.username = ? and status not in ('LOCKED','DELETED')
+jdbcRealm.authenticationQuery = SELECT accl.account_password from account acc, account_login accl, account_role accr, application_role appr WHERE accl.account = acc.id AND acc.id = accr.account AND accr.account_role = appr.id AND appr.application = '143a2bd3-7e0b-4162-a76e-3031331c7dfe' AND acc.status not in ('LOCKED','DELETED') AND acc.username = ?
 jdbcRealm.userRolesQuery = select r.role_name from application_role r, account_role ar, account a WHERE a.username = ? AND a.id = ar.account AND ar.account_role = r.id
 jdbcRealm.credentialsMatcher = $passwordMatcher
 jdbcRealm.dataSource = $datasource