> A Principal is generally a member of some group(s).
> Think of your user account on unix systems (it would
> be part of some group such as user/admin etc).
>
> Within GF you can either manually map principals and
> groups to roles or activate a canonical mapping
> called default P2R. When you activate default P2R
> every Group is mapped to a same-named Role.
Correct me if I'm wrong, but doesn't Glassfish map each user to a group and then separately map a set of principals or groups to a Role? Essentially this allows you to map a role to a Group of users as opposed to mapping them one by one, right?
> The result of an authentication should generally be a
> Principal set, some of the principals could be Group
> principals among them.
>
> So what does the JAX-RS SecurityContext return (did
> you inspect the class name of the returned Principal?)
SecurityContext only returns a single Principal, which is why I am so confused. Take a look:
https://jsr311.dev.java.net/nonav/javadoc/javax/ws/rs/core/SecurityContext.html
Thank you,
Gili
[Message sent by forum member 'cowwoc' (cowwoc)]
http://forums.java.net/jive/thread.jspa?messageID=334799