It is needed to implement some HTTP authentication method for testing role based security behavior of some components (eg. RESTEasy/JAX-RS).

Although it is possible yet - as used for ex. org.jboss.as.testsuite.integration.security.CustomLoginModuleTestCase.testSucessfulAuth() - this complexity is very huge and I think unnecessary for common tasks rely on role based security in Web requests.