Need to use principal-transformer in aggregate-realm in between authentication-realm and authorization-realm ------------------------------------------------------------------------------------------------------------ Key: WFLY-11781 URL: https://issues.jboss.org/browse/WFLY-11781 Project: WildFly Issue Type: Feature Request Components: Security Affects Versions: 15.0.1.Final Reporter: indrajit ingawale Priority: Major It is requirement to use principal-transformer in aggregate-realm in between authentication-realm and authorization-realm . -------------------------------------- <security-domain name="TestDomain" default-realm="TestAggRealm" permission-mapper="default-permission-mapper" pre-realm-principal-transformer="test-transformer" security-event-listener="local-audit"> <realm name="TestAggRealm" role-decoder="from-roles-attribute"/> </security-domain> . . <aggregate-realm name="TestAggRealm" authentication-realm="TestLdapRealm" authorization-realm="Test_Auth_LdapRealm"/> -------------------------------------- I think to achieve this there need to be something like "mid-realm-principal-transformer" in <aggregate-realm> only .