Hi,
I am looking for a solution to allow for programmatically, at runtime
created ldap groups to be mapped to j2ee roles.
As there is no way of knowing the group names at deployment time, the
required <security-role-mapping> seems to be the showstopper here.
What I need is an "automagic" mapping of ldap groups to j2ee roles with the
same name or a derived one (fe. + _ROLE).
Something like :
<security-role-mapping>
<automatic>true</automatic>
<extension>_ROLE</extension>
</security-role-mapping>
Imo, this would be a very useful feature in many of today's use cases.
Best regards,
Wim Verreycken