Hi!

I'm currently trying to access the WebRoleRefPermission using JACC ( https://jcp.org/en/jsr/detail?id=115 ) and I have encountered a problem. The problem is that I do get some permissions but not the WebRoleRefPermission. The way I try to get the permissions is:

Subject subject = PolicyContext.getContext("javax.security.auth.Subject.container")

Set<Principal> subjectPrincipals = subject.getPrincipals()

PermissionCollection permissionCollection = Policy.getPolicy().getPermissions( new ProtectionDomain( new CodeSource(null, (Certificate[]) null), null, null, subjectPrincipals.toArray(new Principal[subjectPrincipals.size()]) ));

// This seems to be needed to "Resolve any potentially unresolved permissions"

permissionCollection.implies(new WebRoleRefPermission("", "nothing"));

Finally I loop over the elements in the PermissionCollection to locate the WebRoleRefPermission.

The web.xml contains the needed <security-role>, <auth-constraint> and <login-config>, Elytron seems to be configured correctly with JACC enabled and the login stuff works as expected when I access the application. But when an I use the pseudo code above to access the PermissionCollection in a JSP view there's no WebRoleRefPermission instances in it.

The code I use is based on one of the Java EE-7 JACC examples ( https://github.com/javaee-samples/javaee7-samples/blob/master/jacc/contexts/src/main/java/org/javaee7/jacc/contexts/servlet/SubjectServlet.java ).

Anyone have a clue if there's anything else I need to do to get access to the WebRoleRefPermission?