This content has been marked as final. Show 1 reply
The realm mapping interface (implemented by security manager) exposes method
public boolean doesUserHaveRole(Principal principal, Set roleNames);
if you know on the client side what role the client must have in order to access specific GUI part.
Or you could build a simple stateless service that on the server side accesses the authorized subject via SecurityAssociation and returns the role names from the Subject's 'Roles' group.