Hi all.

We develop EJB application which uses:

* declarative security using in ejb-jar.xml
* our own RoleMapper SSP, which take mapping data from DB
(our Mapper doesn't use weblogic-ejb-jar.xml at all)

When I deploy my app without
in weblogic-ejb-jar.xml I receive the deployment exception:


The security-role MY_ROLE, defined in ejb-jar.xml,
is not correctly mapped to a security principal.
Make sure the security-role has a corresponding
security-role-assignment element in the
weblogic-ejb-jar.xml descriptor.


Yes, this is absolutely correct --
I didn't define the mapping in *.xml advisedly,
because of it is defined in DB and my own Mapper
retrieves data required for role mapping from DB,
not from descriptor *.xml

Questions are:
==============
1. why is so strictly required ?
2. is it possible to use declarative security with own RoleMapper ?
3. if `yes` then how to get rid of the exception ?

I have one workaround:
to add to weblogic-ejb-jar.xml fake mapping for
each EJB role used in ejb-jar.xml:

MY_ROLE
FaKe_Blah_bLAH

In this case all works fine,
but workaround smells very very bad

Thanks in advance.

--
Best regards,
Eugene Voytitsky