Console assumes that all role-mappings names are in form of type-principal@realm (e.g. user-someuser@SomeRealm or group-somegroup@SomeRealm). Consequently it is not possible to manage role mappings created through other management interfaces and named differently.

Steps to reproduce:

1) create role mapping
/core-service=management/access=authorization/role-mapping=MONITOR:add()
/core-service=management/access=authorization/role-mapping=MONITOR/include=monitor:add(name=monitor, type=user, realm=ManagementRealm)

2) Navigate to Administration - Role Assignment
3) Try to remove role assignments for user monitor

Expected result: role-mappings for user monitor are removed
Actual result: Error message (Unable to remove...) due to different naming than expected.