<div dir="ltr">False alarm! <br><br>i finally managed to make it work. Behaviour is normal. I was probably missing sth.<br><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Aug 26, 2015 at 9:01 AM, Orestis Tsakiridis <span dir="ltr"><<a href="mailto:orestis.tsakiridis@telestax.com" target="_blank">orestis.tsakiridis@telestax.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div><div>Hello,<br><br></div>Is there any example/documentation on using application roles and the "use-resource-role-mappings" property? It seems that they are ignored at the JEE level (meaning the roles have no effect when i apply restriction through web.xml). </div><div><br></div>I've been trying to test application roles on the database-service example. I added "use-resource-role-mappings" property and enabled DirectAccessGrant to manually get a token. I also assigned the database-service:'user' role to bburke user and removed the realm-level 'user' role.When trying to access the /customers (as bburke) i keep getting a 403. <br><br></div><div>Btw, i've checked the token and it looks perfectly normal. 'user' role is there as an application level role. <br></div><div><br><br></div>Thanks<br></div>
</blockquote></div><br></div></div>