When RBAC is not enabled, a security realm in the management section allows the use of the "<local />" login mechanism to work fine in conjunction with an LDAP user store. When RBAC is enabled, the "<local />" login mechanism can still be configured but will not work. The request is to allow this to work even when RBAC is enabled. Why does the customer need this? automated local scripts should use the "local" mechanisme, while actual management users need to use LDAP authentication/authorization
Is the $local user mapped to any role, e.g. what we have in our standard configs? <role name="SuperUser"> <include> <user name="$local"/> </include> </role>
I don't believe this is RBAC, just an issue loading groups where the local mechanism is also in play so investigating further on that basis.
Verified on EAP 6.3.0.ER2. Using parameter skip-group-loading resolved this issue.
Changed <literal></literal> tags in Doc Text to ticks (`) to fix Bug 1096865