My impression is that CORBA security implementation (csi-v2) is not integrated well with the Geronimo login service (please correct me if I'm wrong). I plan to integrate csi-v2 security with the Geronimo login service by having csi-v2 interceptor authenticate with the login service and thus have consistent role mappings; Trust rules will also be moved out into trust-manager gbean configured into the security realm
Simon
