Below is the security declaration from my web.xml
No was soon as the user login, i authenticate the user, and he is a valid user, now i want the user to access "ManagerApplication", so how do the web application know that the user role is "manager" ? Do i need to put that "role" into session ? if i should then what should session variable name?
Any help is appreciated, thanks