Hi all !

I saw in this forum that :

The GateIn Picketlink LDAP IdentityStore implementation does not support Roles, it only supports Memberships. If you want the ability to support roles, you will need to implement your only implementation of the LDAP IdentityStore.

https://community.jboss.org/message/558447#558447 :

Is it supported now ?

Is it planned ?

Gatein is able to use Roles(membership types) for permissions, exemple

user1 & user2 belong to group /paltform/administration

user1 has membership type "manager" in that group

user2 has membership type "member" in that same group

I could restrict access to role aswell : only users with manager role in the /platform/administration can delete/create/update a document, other can only create/update

Since it's not supported by picketlink (1.3.2-CR02 i think in latest gatein I think), we can't relay on ldap for Role management (import).

is that right ?

thanks