Follow below steps To Map Users to Roles : jbadmin ==> Administrator jbdeploy ==> Deployer Step 1: To Configure jbdeploy to give it to the Developer : This system is currently configured to use simple access controls, which will not utilize changes made in this section for roles. In order to utilize role mappings that you configure in this section, you will need to enable role based access controls from the Command Line Interface (CLI) using the following command: /core-service=management/access=authorization:write-attribute(name=provider,value=rbac) D:\jboss\jboss-eap-6.3.0_Node1\jboss-eap-6.3\bin>jboss-cli.bat -c --controller=127.0.0.1:9999 [domain@127.0.0.1:9999 /] /core-service=management/access=authorization:write-attribute(name=provider,value=rbac) { "outcome" => "success", "response-headers" => { "operation-requires-reload" => true, "process-state" => "reload-required" }, "result" => undefined, "server-groups" => undefined } [domain@127.0.0.1:9999 /] Step 2: From the console go to administration and add user and map role as per requirement . Step 3 :After mapping users to roles below is the tag updated in Domain.xml <access-control provider="rbac"> <role-mapping> <role name="SuperUser"> <include> <user name="$local"/> <user name="jbadmin"/> </include> </role> <role name="Administrator"> <include> <user name="jbadmin"/> </include> </role> <role name="Deployer"> <include> <user name="jbdeploy"/> </include> </role> </role-mapping> </access-control>