A Principal is generally a member of some group(s). Think of your user account on Unix systems (it would be part of some group such as user/admin, etc.).
Within GF you can either manually map principals and groups to roles or activate a canonical mapping called default P2R. When you activate default P2R, every Group is mapped to a same-named Role.
The result of an authentication should generally be a Principal set; some of the principals among them could be Group principals.
So what does the JAX-RS SecurityContext return? (Did you inspect the class name of the returned Principal?)
[Message sent by forum member 'kumarjayanti' (kumarjayanti)]
http://forums.java.net/jive/thread.jspa?messageID=334716
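
One way to run the check the post asks about, as an added example that is not part of the original post or of GlassFish itself: a small JAX-RS resource that reports the class name of the Principal returned by `SecurityContext` and probes role membership. The resource path `whoami` and the role names `user` and `admin` are assumptions; substitute the roles your application declares.

```java
import java.security.Principal;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.SecurityContext;

// Hypothetical diagnostic resource (not GlassFish code). Deploy it behind a
// security constraint so the container authenticates the caller first, and
// remove it once the principal/role mapping has been verified.
@Path("whoami")
public class WhoAmIResource {

    // Assumed role names; replace with the roles declared by the application.
    private static final String[] CANDIDATE_ROLES = {"user", "admin"};

    @GET
    @Produces("text/plain")
    public String whoAmI(@Context SecurityContext sc) {
        Principal p = sc.getUserPrincipal();
        if (p == null) {
            // No authenticated caller: the request was not subject to
            // container authentication.
            return "no Principal (unauthenticated request)\n";
        }

        StringBuilder out = new StringBuilder();
        // The concrete class shows which kind of principal the container
        // handed to JAX-RS (user principal vs. some other implementation).
        out.append("principal class: ").append(p.getClass().getName()).append('\n');
        out.append("principal name:  ").append(p.getName()).append('\n');
        out.append("auth scheme:     ").append(sc.getAuthenticationScheme()).append('\n');

        // getUserPrincipal() returns only the caller principal; group
        // membership is visible only through role checks. With default P2R
        // active, a caller in group "admin" should pass isUserInRole("admin").
        for (String role : CANDIDATE_ROLES) {
            out.append("isUserInRole(").append(role).append("): ")
               .append(sc.isUserInRole(role)).append('\n');
        }
        return out.toString();
    }
}
```

If every role check returns false for a caller who is a member of the matching group, neither an explicit mapping nor default P2R is in effect for that application.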