Chapter 9. Mapping


In JBoss Enterprise Application Platform 5, it is possible to map additional roles at the deployment level from those derived at the security domain level (such as at the EAR level).
This is achieved by declaring the org.jboss.security.mapping.providers.DeploymentRolesMappingProvider class as the value for the code attribute in the <mapping-module> element. Additionally, the type attribute must be set to role. Refer to Section 6.1.3, “<mapping>” for information about the <mapping> element schema.
By configuring the mapping configuration element within the role-based parameter, you can force additional role interpretation to the declared principals specified for the particular deployment (war, ear, ejb-jar etc).

Important

In versions prior to JBoss Enterprise Application Platform 5, the <rolemapping> element contained the <mapping-module> element and class declaration. <rolemapping> has now been deprecated, and replaced with the <mapping> element.

Example 9.1. <mapping-module> declaration

<application-policy name="test-domain">
   <authentication>
   ...
   </authentication>
   <mapping>
      <mapping-module code="org.jboss.security.mapping.providers.DeploymentRolesMappingProvider" type="role"/>
   </mapping>
   ...
</application-policy>
Copy to Clipboard Toggle word wrap
Once the security domain is configured correctly, you can append the <security-role> element group as a child element of the <assembly-descriptor> to the WEB-INF/jboss-web.xml (.war or .sar) file.

Example 9.2. <security-role> declaration

<assembly-descriptor>
   ...
   <security-role>
      <role-name>Support</role-name>
      <principal-name>Mark</principal-name> 
      <principal-name>Tom</principal-name>
   </security-role>
   ...
</assembly-descriptor>
Copy to Clipboard Toggle word wrap
A security role relating to Support principals is implemented in addition to the base security role information contained in WEB-INF/jboss-web.xml.
Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2025 Red Hat