This content has been marked as final. Show 1 reply
Seems like you have to define a custom implementation of the RealmMapping interface. The interface defines a method
/** Validates the application domain roles to which the operational
environment Principal belongs.
@param principal the caller principal as known in the operation environment.
@param roles The Set<Principal> for the application domain roles that the
principal is to be validated against.
@return true if the principal has at least one of the roles in the roles set,
public boolean doesUserHaveRole(Principal principal, Set roles);
Your implementation can return true/false based on the mandate level. You might also need to define a custom login module (only your requirements will define this need) that gets the mandate value into the subject.
On complete details on how to implement a custom security manager and custom login modules (for the JAAS security manager) please read