In case you need to test authorization of your JBoss-deployed application and you don't want to connect to the remote system or can't configure it to return proper roles for you, you may use JBoss Identity login module:
<security-domain name="mydomain" cache-type="default">
<authentication>
<login-module code="Identity" flag="required">
<module-option name="principal" value="myprincipal"/>
<module-option name="roles" value="ROLE_TO_BE_TESTED1,ROLE_TO_BE_TESTED2"/>
</login-module>
</authentication>
</security-domain>
where:- mydomain is the security domain name specified in the application
- myprincipal - principal (i.e. login) name of the authenticated user. Default is guest.
- ROLE_TO_BE_TESTED1,ROLE_TO_BE_TESTED2 - comma-delimited list of roles that will be assigned to the authenticated user.
