Ability to configure each aggregated realm separately ----------------------------------------------------- Key: WFCORE-3767 URL: https://issues.jboss.org/browse/WFCORE-3767 Project: WildFly Core Issue Type: Enhancement Components: Security Reporter: Jean-Francois Denise Assignee: Darran Lofthouse Attachments: conf-extract The use-case is EXTERNAL + role derived from mgmt-groups.properties. To achieve this use-case a realm aggregate is needed. Each aggregated realm can't be configured with its own principal-transformer. So each realm is impacted by the transformer set on the aggregation. Allowing to configure each realm separately would offer the flexibility to isolate principal transformation for authorisation and not impact authentication. Authentication impact is quite important, an alias in the trust-store and the decoded principal must match exactly. Something that shouldn't be made mandatory in this case.