I'm building a system where admin can dynamically change roles for users. The problem is that Identity stores user roles.
Lets say I have two logged users: admin, steven. steven has role 'specialUser'. After admin revokes steve role by calling
IdentityManager.instance().revokeRole("steven", "specialUser")
logged steve still passes the test
Identity.instance().hasRole("specialUser")
Is there a way to dynamically check assigned roles using seam security api?
Yes by implementing a custom identity http://seamframework.org/Community/ExtendingIdentity