I am facing an issue in my application which has certificate based authentication. The application lists different other application to which the user has access to. The applications are listed based on the user role in the request object. request.isUserRoleIn('').
I wanted to know how these roles are actually set, is it set in the webserver and where ?
I am sure it is not done in the code as these user roles are accessed in the first line of code.