Actually it isn't really a bug: JBoss encodes role principals in a "Roles" principal group, this is why you specify the "Roles" literal - it is the group that the principals are being added to.
If you are using a properties file for roles you don't notice this as the default group of "Roles" is assigned if the group is not specified. so, username=role1,role2 and username.Roles=role1,role2 are the same. So actually is is more a surplus of configurability than a lack that is causing the confusion. That the roles principal group name is hard coded to "Roles" isn't really that much of an imposition, considering that the grouping allows applicaiton specific principal groups to be added without interfereing with JBoss role authorisation. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3840083#3840083 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3840083 ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
