How to set Java EE security roles

I'm working on a filter to be put in front of a Java application. This filter already is responsible for setting the user name in the remote user variable (in order for the application to do a request.getRemoteUser() call).

I'd like 开发者_开发问答to also set the roles of the currently logged user from a custom call to an LDAP (not requesting user groups but other specific attributes).

How can I achieve that?

If you write a custom LoginModule, you can authenticate the user yourself, as well as populate the user's roles based on what is in LDAP. If you specify your application server, I could provide more specific information.

OK, LoginModule. It looks like it's what I was looking for... (Filter does not provide the needed functionalities regarding EJB, only servlets) What specificities are they between different App Servers? Isn't there a core Java EE LoginModule specification that is suported by all servers? (at least WAS and jBoss I would say)

Thanks for your help anyway!