I think that the `BaseCertLoginModule` checks the clients certificate but I don't think there is anyway that it can assign a role.
The `UsersRolesloginModule` assigns the client to a role (using the file `jmx-console-roles.properties`). However I am completely bewildered as to what should be in this file: `jmx-console-users.properties`.
[org.jboss.security.auth.spi.UsersRolesLoginModule.initialize:135] Failed to load users/passwords/role files java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found ...