directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From smckin...@apache.org
Subject [directory-fortress-enmasse] branch FC-265 updated: refine load script
Date Fri, 15 Mar 2019 01:23:31 GMT
This is an automated email from the ASF dual-hosted git repository.

smckinney pushed a commit to branch FC-265
in repository https://gitbox.apache.org/repos/asf/directory-fortress-enmasse.git


The following commit(s) were added to refs/heads/FC-265 by this push:
     new 20b89f0  refine load script
20b89f0 is described below

commit 20b89f05431d396c5394912f517e6bbea0010cf9
Author: Shawn McKinney <smckinney@apache.org>
AuthorDate: Thu Mar 14 20:23:25 2019 -0500

    refine load script
---
 src/main/resources/FortressRestServerPolicy.xml | 279 ++++++++++++------------
 src/main/webapp/WEB-INF/web.xml                 |   5 +-
 2 files changed, 140 insertions(+), 144 deletions(-)

diff --git a/src/main/resources/FortressRestServerPolicy.xml b/src/main/resources/FortressRestServerPolicy.xml
index 63167cf..2339ec5 100644
--- a/src/main/resources/FortressRestServerPolicy.xml
+++ b/src/main/resources/FortressRestServerPolicy.xml
@@ -25,20 +25,18 @@
     <target name="all">
         <FortressAdmin>
 
-
             <!-- Begin RBAC Admin Data: -->
             <adduser>
                 <user userId="demoUser4" password="password" description="Demo Test User
4" ou="demousrs1" cn="JoeUser4" sn="User4"  beginTime="0000" endTime="0000" beginDate="20090101"
endDate="20990101" beginLockDate="" endLockDate="" dayMask="1234567" timeout="60" photo="p4.jpeg"/>
             </adduser>
 
             <adduserrole>
-                <userrole userId="demoUser4" name="fortress-rest-user"  beginTime="0000"
endTime="0000" beginDate="" endDate="" beginLockDate="" endLockDate="" dayMask="" timeout="0"/>
-                <userrole userId="demoUser4" name="fortress-rest-super-user"  beginTime="0000"
endTime="0000" beginDate="" endDate="" beginLockDate="" endLockDate="" dayMask="" timeout="0"/>
+                <userrole userId="demoUser4" name="fortress-rest-power-user"  beginTime="0000"
endTime="0000" beginDate="" endDate="" beginLockDate="" endLockDate="" dayMask="" timeout="0"/>
             </adduserrole>
 
             <adduseradminrole>
                 <userrole userId="demoUser4"
-                          name="fortress-rest-admin-user"
+                          name="fortress-rest-admin"
                           beginTime="0000"
                           endTime="0000"
                           beginDate=""
@@ -51,12 +49,12 @@
             </adduseradminrole>
 
             <deladminrole>
-                <role name="fortress-rest-admin-user"/>
+                <role name="fortress-rest-admin"/>
             </deladminrole>
 
             <addadminrole>
-                <role name="fortress-rest-admin-user"
-                      description="Fortress Rest Admin User"
+                <role name="fortress-rest-admin"
+                      description="Fortress Rest Admin"
                       begininclusive="true"
                       endinclusive="true"
                       osps="APP0,APP1,APP2,APP3,APP4,APP5,APP6,APP7,APP8,APP9,APP10,oamT3POrg8,oamT3POrg9,oamT3POrg1,oamT3POrg10,oamT3POrg2,oamT3POrg3,oamT3POrg4,oamT3POrg5,oamT3POrg6,oamT3POrg7,oamT3POrg8,oamT4POrg1,oamT4POrg10,oamT4POrg2,oamT4POrg3,oamT4POrg4,oamT4POrg5,oamT4POrg6,oamT4POrg7,oamT4POrg8,oamT4POrg9,T5POrg1,T5POrg2,T5POrg3,T5POrg4,T5POrg5,T6POrg1,T6POrg2,T6POrg3,T6POrg4,T6POrg5,T6POrg6,T6POrg7,T7POrg1,T7POrg2,T7POrg3,T7POrg4,T7POrg5,T7POrg6,T7POrg7,"
@@ -99,7 +97,8 @@
             </addrole>
 
             <addroleinheritance>
-                <!-- Users assigned fortress-web-power-user role will inherit each of
the following roles. -->
+                <!-- Users assigned fortress-rest-power-user role will inherit each of
the following roles. -->
+                <relationship child="fortress-rest-power-user" parent="fortress-rest-user"/>
                 <relationship child="fortress-rest-power-user" parent="fortress-rest-access-user"/>
                 <relationship child="fortress-rest-power-user" parent="fortress-rest-admin-user"/>
                 <relationship child="fortress-rest-power-user" parent="fortress-rest-review-user"/>
@@ -117,139 +116,137 @@
             </addorgunit>
 
             <addpermgrant>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AuditMgrImpl"
opName="searchBinds" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AuditMgrImpl"
opName="searchAuthZs" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AuditMgrImpl"
opName="getUserAuthZs" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AuditMgrImpl"
opName="searchUserSessions" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AuditMgrImpl"
opName="searchAdminMods" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AuditMgrImpl"
opName="searchInvalidUsers" roleNm="fortress-rest-admin-user" admin="true"/>
-
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="readPermission" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="readPermObj" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="findPermissions" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="findPermObjs" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="findPermsByObj" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="readRole" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="findRoles" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="readUser" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="findUsers" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="assignedUsers" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="assignedRoles" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="authorizedUsers" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="authorizedRoles" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="rolePermissions" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="userPermissions" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="permissionRoles" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="authorizedPermissionRoles" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="permissionUsers" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="authorizedPermissionUsers" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="ssdRoleSets" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="ssdRoleSet" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="ssdRoleSetRoles" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="ssdRoleSetCardinality" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="dsdRoleSets" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="ssdSets" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="dsdRoleSet" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="dsdRoleSetRoles" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="dsdRoleSetCardinality" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="dsdSets" roleNm="fortress-rest-admin-user" admin="true"/>
-                <!--<permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="findAnyPermissions" roleNm="fortress-rest-admin-user" admin="true"/>-->
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="readPermAttributeSet" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="findRoleConstraints" roleNm="fortress-rest-admin-user" admin="true"/>
-
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelReviewMgrImpl"
opName="readRole" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelReviewMgrImpl"
opName="findRoles" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelReviewMgrImpl"
opName="assignedRoles" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelReviewMgrImpl"
opName="assignedUsers" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelReviewMgrImpl"
opName="readOU" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelReviewMgrImpl"
opName="searchOU" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelReviewMgrImpl"
opName="rolePermissions" roleNm="fortress-rest-admin-user" admin="true"/>
-
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addUser" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="disableUser" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deleteUser" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="updateUser" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="changePassword" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="lockUserAccount" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="unlockUserAccount" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="resetPassword" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addRole" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deleteRole" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="updateRole" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="assignUser" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deassignUser" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addRoleConstraint" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="removeRoleConstraint" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="enableRoleConstraint" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="disableRoleConstraint" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addPermission" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addPermObj" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deletePermission" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deletePermObj" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="updatePermission" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="updatePermObj" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="grantPermission" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="revokePermission" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="grantPermissionUser" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="revokePermissionUser" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addDescendant" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addAscendant" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addInheritance" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deleteInheritance" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="createSsdSet" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="updateSsdSet" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addSsdRoleMember" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deleteSsdRoleMember" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deleteSsdSet" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="setSsdSetCardinality" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="createDsdSet" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="updateDsdSet" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addDsdRoleMember" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deleteDsdRoleMember" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deleteDsdSet" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="setDsdSetCardinality" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addPermissionAttributeSet" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deletePermissionAttributeSet" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addPermissionAttributeToSet" roleNm="fortress-rest-admin-user" admin="true"/>
-
-                <permgrant objName="org.apache.directory.fortress.core.impl.PwPolicyMgrImpl"
opName="add" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.PwPolicyMgrImpl"
opName="update" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.PwPolicyMgrImpl"
opName="delete" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.PwPolicyMgrImpl"
opName="updateUserPolicy" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.PwPolicyMgrImpl"
opName="deletePasswordPolicy" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.PwPolicyMgrImpl"
opName="search" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.PwPolicyMgrImpl"
opName="read" roleNm="fortress-rest-admin-user" admin="true"/>
-
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="addRole" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="deleteRole" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="updateRole" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="assignUser" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="deassignUser" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="addOU" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="updateOU" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="deleteOU" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="addDescendantOU" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="addAscendantOU" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="addInheritanceOU" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="deleteInheritanceOU" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="addDescendantRole" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="addAscendantRole" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="addInheritanceRole" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="deleteInheritanceRole" roleNm="fortress-rest-admin-user" admin="true"/>
-
-                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="add" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="update" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="delete" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="addProperty" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="deleteProperty" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="assign" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="deassign" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="read" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="find" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="findWithUsers" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="groupRoles" roleNm="fortress-rest-admin-user" admin="true"/>
-                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="roleGroups" roleNm="fortress-rest-admin-user" admin="true"/>
-
+                <permgrant objName="org.apache.directory.fortress.core.impl.AuditMgrImpl"
opName="searchBinds" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AuditMgrImpl"
opName="searchAuthZs" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AuditMgrImpl"
opName="getUserAuthZs" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AuditMgrImpl"
opName="searchUserSessions" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AuditMgrImpl"
opName="searchAdminMods" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AuditMgrImpl"
opName="searchInvalidUsers" roleNm="fortress-rest-admin" admin="true"/>
+
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="readPermission" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="readPermObj" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="findPermissions" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="findPermObjs" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="findPermsByObj" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="readRole" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="findRoles" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="readUser" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="findUsers" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="assignedUsers" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="assignedRoles" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="authorizedUsers" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="authorizedRoles" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="rolePermissions" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="userPermissions" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="permissionRoles" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="authorizedPermissionRoles" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="permissionUsers" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="authorizedPermissionUsers" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="ssdRoleSets" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="ssdRoleSet" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="ssdRoleSetRoles" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="ssdRoleSetCardinality" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="dsdRoleSets" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="ssdSets" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="dsdRoleSet" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="dsdRoleSetRoles" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="dsdRoleSetCardinality" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="dsdSets" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="readPermAttributeSet" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.ReviewMgrImpl"
opName="findRoleConstraints" roleNm="fortress-rest-admin" admin="true"/>
+
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelReviewMgrImpl"
opName="readRole" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelReviewMgrImpl"
opName="findRoles" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelReviewMgrImpl"
opName="assignedRoles" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelReviewMgrImpl"
opName="assignedUsers" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelReviewMgrImpl"
opName="readOU" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelReviewMgrImpl"
opName="searchOU" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelReviewMgrImpl"
opName="rolePermissions" roleNm="fortress-rest-admin" admin="true"/>
+
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addUser" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="disableUser" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deleteUser" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="updateUser" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="changePassword" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="lockUserAccount" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="unlockUserAccount" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="resetPassword" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addRole" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deleteRole" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="updateRole" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="assignUser" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deassignUser" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addRoleConstraint" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="removeRoleConstraint" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="enableRoleConstraint" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="disableRoleConstraint" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addPermission" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addPermObj" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deletePermission" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deletePermObj" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="updatePermission" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="updatePermObj" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="grantPermission" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="revokePermission" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="grantPermissionUser" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="revokePermissionUser" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addDescendant" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addAscendant" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addInheritance" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deleteInheritance" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="createSsdSet" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="updateSsdSet" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addSsdRoleMember" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deleteSsdRoleMember" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deleteSsdSet" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="setSsdSetCardinality" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="createDsdSet" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="updateDsdSet" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addDsdRoleMember" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deleteDsdRoleMember" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deleteDsdSet" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="setDsdSetCardinality" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addPermissionAttributeSet" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="deletePermissionAttributeSet" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.AdminMgrImpl"
opName="addPermissionAttributeToSet" roleNm="fortress-rest-admin" admin="true"/>
+
+                <permgrant objName="org.apache.directory.fortress.core.impl.PwPolicyMgrImpl"
opName="add" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.PwPolicyMgrImpl"
opName="update" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.PwPolicyMgrImpl"
opName="delete" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.PwPolicyMgrImpl"
opName="updateUserPolicy" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.PwPolicyMgrImpl"
opName="deletePasswordPolicy" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.PwPolicyMgrImpl"
opName="search" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.PwPolicyMgrImpl"
opName="read" roleNm="fortress-rest-admin" admin="true"/>
+
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="addRole" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="deleteRole" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="updateRole" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="assignUser" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="deassignUser" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="addOU" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="updateOU" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="deleteOU" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="addDescendantOU" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="addAscendantOU" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="addInheritanceOU" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="deleteInheritanceOU" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="addDescendantRole" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="addAscendantRole" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="addInheritanceRole" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.DelAdminMgrImpl"
opName="deleteInheritanceRole" roleNm="fortress-rest-admin" admin="true"/>
+
+                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="add" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="update" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="delete" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="addProperty" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="deleteProperty" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="assign" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="deassign" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="read" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="find" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="findWithUsers" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="groupRoles" roleNm="fortress-rest-admin" admin="true"/>
+                <permgrant objName="org.apache.directory.fortress.core.impl.GroupMgrImpl"
opName="roleGroups" roleNm="fortress-rest-admin" admin="true"/>
             </addpermgrant>
         </FortressAdmin>
     </target>
diff --git a/src/main/webapp/WEB-INF/web.xml b/src/main/webapp/WEB-INF/web.xml
index d5e012a..ed587c4 100644
--- a/src/main/webapp/WEB-INF/web.xml
+++ b/src/main/webapp/WEB-INF/web.xml
@@ -64,9 +64,8 @@
        <realm-name>Fortress Rest Realm Authentication Area</realm-name>
      </login-config>
 
-     <!-- Security roles referenced by this web application -->
+     <!-- Security role needed to pass realm authZ -->
      <security-role>
-       <role-name>fortress-rest</role-name>
+       <role-name>fortress-rest-user</role-name>
      </security-role>
-
 </web-app>


Mime
View raw message