Stefan Guilhen created AS7-6220: ----------------------------------- Summary: WebJASPIAuthenticator ignores descriptor roles if GroupPrincipalCallback is not empty Key: AS7-6220 URL: https://issues.jboss.org/browse/AS7-6220 Project: Application Server 7 Issue Type: Bug Components: Web Affects Versions: 7.1.3.Final (EAP) Reporter: Stefan Guilhen Assignee: Stefan Guilhen Fix For: 7.2.0.Alpha1, 7.1.4.Final (EAP) The fix for AS7-5735 introduced a regression in the TCK tests because now the WebJASPIAuthenticator is ignoring the descriptor roles when a non-empty GroupPrincipalCallback is returned from the JASPI authentication. The authenticator must add the descriptor roles to the set of roles retrieved from the GroupPrincipalCallback -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira