I'd like to make use of jboss7 pickedbox security role mapping feature, as documented in:

https://community.jboss.org/wiki/PicketBoxMapping

Specifially I want to map a LDAP stored role (group membership) like "MyLdapRole" to a application specific ejb tier role name @RolesAllowed("MyEjbRole")

While the role mapping supported by PickedBox looks promising I have a problem setting the required "rolesMap" option for the mapping module org.jboss.security.mapping.providers.OptionsRoleMappingProvider

jboss7 jboss-as-security_1_1.xsd defines for mapping module options <xs:complexType name="propertyType> with a string only value attribute:

<xs:attribute name="value" type="xs:string" use="required"/>

jboss4 security-config_4_1.xsd supported flexible jaxp parsed module option values.

So, the pickedbox wiki example uses a jaxp parsed java.util.Properties type module option:

         <mapping-module code="org.jboss.security.mapping.providers.OptionsRoleMappingProvider"
          type="role">
             <module-option name="rolesMap" >
                        <java:properties xmlns:java="urn:jboss:java-properties"
                                 xmlns:xs="http://www.w3.org/2001/XMLSchema-instance"
                                 xs:schemaLocation="urn:jboss:java-properties resource:java-properties_1_0.xsd">
                                 <java:property>
                                    <java:key>validuser</java:key>
                                    <java:value>AuthorizedUser,InternalUser</java:value>
                                 </java:property>
                           </java:properties>
                      </module-option>
                   <module-option name="replaceRoles">false</module-option>
               </mapping-module>

How am I supposed to set the property in standalone.xml if only simple string property values are suppored for security modules?