Ahah, I see. That make sense.
I had read about the PolicyContextHandler interface at some point.
For now, we'll probably just go with that one explicit mapping.
Dunno if it is worth pointing out that if the name of the role was "asadmin" instead of "admin-role" it would have worked with our implementation, though not generally of course.
Thanks again for your help, Ron.
It would be nice if the next JACC standard could define a mapping. Perhaps something along the lines of:
<security-role-mapping>
<group-name>asadmin</group-name>
<role-name>admin-role</role-name>
</security-role-mapping>
I'm just sayin'...
[Message sent by forum member 'brian_of_fortent' (brian_of_fortent)]
http://forums.java.net/jive/thread.jspa?messageID=275988