"ndrw_cheung" wrote : | I thought the LDAP server is only used for authentication and not for looking up the role permissions by the portal if I use LDAPLoginModule. Therefore I thought I have to enter into the database the user and the role it is assigned to. Could you please explain in more detail this is not the case? | Role assignment is also done at the JAAS level. So if you plug different LoginModule portal will see role assignment resolved there and use it to apply security. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4027705#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...