I am trying to enable UsernameToken security on a service within WSO2 Dev Studio. I can do this through the WSO2 web GUI easily. My desire to do this through the dev studio is to produce a .car file that can easily be deployed.
I see that the web gui creates a policy file and can include that in the exported .car file. The problem, I believe, is that when you use the web gui to enable usernametoken security, the second screen asks for a list of user groups to be selected. I don't see where that data ends up. It's not defined in the policy. It appears that it is stored internally by WSO2. If that is accurate, is there anyway to interact with that via the deployment of a .car file?
Ultimately, I just want to authenticate using the username and password and any user group is fine since I'm going to use an entitlement mediator after authentication to control access.
Edit: It looks like it ends up in the UM_ROLE_PERMISSION table in the WSO2CARBON database. I guess what I need is a way to put some piece of code in my .car file that will get executed upon deployment in order to write into that table. (Or a less terrible solution where I can just describe the authentication scheme in whole without having to manipulate the database.)
