此内容没有您所选择的语言版本。
3.4. Role Mapping LoginModule
If the LoginModule you are using exposes role names that you wish to map to more application specific names, then you can use the RoleMappingLoginModule. This uses a properties file to inject additional role names, and optionally replace the existing role, on authenticated subjects. This is what the security domain should look like:
<subsystem xmlns="urn:jboss:domain:security:1.2">
<security-domains>
<security-domain name="jdv_security_domain">
<authentication>
...
<login-module code="org.jboss.security.auth.spi.RoleMappingLoginModule" flag="optional">
<module-option name="rolesProperties" value="${jboss.server.base.dir}/configuration/roles.properties" />
<module-option name="replaceRole" value="false" />
</login-module>
...
</authentication>
</security-domain>
</security-domains>
</subsystem>
