I'm in the midst of converting a weblogic webapp to jboss. The weblogic app makes heavy use of a feature in weblogic.xml where you can assign a group of security roles to a new role for internal use in the app, eg: <security-role-assignment> | <role-name>any-user</role-name> | <principal-name>Admin</principal-name> | <principal-name>Agents</principal-name> | <principal-name>Partners</principal-name> | </security-role-assignment> I can then use HttpServletRequest.isUserInRole("any-user") instead of checking for each. Is there an equivalent feature in JBoss? Or am I faced with putting long strings of "or"s in my code? TIA, Jon View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4130541#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...