There are at least 2 obvious problems:
1) the javadoc for JdbcRealm.setPermissionsQuery suggests that the query is expected to have 3 columns ("containing the fully qualified name of the permission class, the permission name, and the permission actions (in that order)"), but the code actually looks only for 1 - permission actions on index 0
2) it doesn't support salt - checks only for password matching