Hi. As kindly advised, I restart this question as a separate thread.
Is there a standard, easy way to reread roles for an authenticated user ? The use case is as follow : I implement JSON web tokens (JWT) as a valve, generating it after the container performed authentication and restoring principal when a valid token is passed. I also use JWT as poor man SSO accross systems. But roles are not the same. I would like to be able to read roles sometimes. Of course, I know how to read the roles and could do that in the valve... But, IMHO, it is something that should remain in the realm, for a cleaner separation. Thanks in advance, Ludovic PS : and happy new year ! -- Envoyé de mon appareil Android avec K-9 Mail. Veuillez excuser ma brièveté.
