Looking in the authentication code, the role doesn't appear to be used other than it's placed in the session context for future use. So...
1.) you can make use of it somehow by accessing the session context (authorization I believe) 2.) use the portal (cocoon's) as i'm fairly certain it's used there to distinguish between the various portal variants. The RoleFilterTransformer doesn't appear to use this. Rather it uses the J2EE role found in... web.xml??? I forget, but basically it calls request.isUserInRole(). Actually I'm assuming it's using hte j2ee role and not the cocoon role. So maybe you need to look in the request.isUserInRole mehtod to make sure. MD --------------------------------------------------------------------- Please check that your question has not already been answered in the FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html> To unsubscribe, e-mail: <[EMAIL PROTECTED]> For additional commands, e-mail: <[EMAIL PROTECTED]>
