"anil.saldhana(a)jboss.com" wrote : | anonymous wrote : I'm not seeing how the run-as identity and roles fits into the SecurityContext. How does it? | RunAsIdentity is not applicable to every JEMS project. It is more of an JEE aspect. Both RAI and Roles will be keyed in the context map inside SC implementation. | Forget about the specific RunAsIdentity notion. This should be a subset of a general trust configuration where there is an assertion that the caller is X with proof of identity Y. The javaee run-as notion has X=some-role with Y=the-ability-to-deploy-a-component-with-a-run-as-tag. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3991426#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...