I'm writing a small web app to modify/maintain roles.properties and eventually have versions for database/ldap.
How do roles that aren't in "Roles" work? Are they even visible to the web tier? I'm using this test JSP:
<% out.println(request.isUserInRole("Role3")); %>
<% out.println(request.isUserInRole("Role2")); %>
And getting "false true" for the following roles.properties:
So the first line defaults to "Roles" rolegroup. How do I check if the user is in Role3 or not? Is it in the Subject somewhere? If I need to I can look at the JBossSX source.
Roles not in the 'Roles' group do not exist as far as the standard apis are concerned. You would have to get the Subject and uses the Application role group yourself.