Can I make user role, configurable from the outside war application?

Hi all.

Once again by configuring the java security web applications via web.xml\web-app\security-constraint was faced with the fact that I see no mechanism to specify the names of user roles external settings. If we imagine that the user roles correspond to the names of groups in the domain active directory, when migrating to another domain, these names may already be taken and then the application will need to rebuild with renamed roles. There is a parameter "security-role-ref", but he "stitched" in web.xml and, therefore, gets into the app.war.
Is there any possibility to specify the names of the security roles from outside web application?
July 9th 19 at 13:38
1 answer
July 9th 19 at 13:40
It is possible to do it via the database you are using. Here is the official lesson there for glassfish, but I think that's something you and the server you are using. You need to see your server documentation.
Hello. No, I don't use the database. Only AD. But this fact does not change. Security groups that are allowed access are set via the "security-constraint", which is prescribed in glassfish web.xml. And there they variables do not. - ima.Halvorson commented on July 9th 19 at 13:43
Yes. It seems so. The documentation is the only way and described. In case of discrepancy of groups to roles is recommended to use the security-role-mapping of the same web.xml. - daisy_Osins commented on July 9th 19 at 13:46

Find more questions by tags JavaUser identificationWeb Development