By default, Jetspeed supports hierarchical names for role, group and user principal names and uses the '.' (dot) as a path or level separator.
But right now (if ever) Jetspeed own admin portlets don't really use or support hierarchical principal definitions, even if the security model and component can handle it.
Furthermore, and this is a major problem for some, because of this email addresses can't be used for user account names.
By making hierarchical interpretation of principal (user,role and group) names optional, this now becomes possible.
As we don't use factories for instantiating the principal classes, and I didn't want to cause a lot of api changes, I've opted for
simple static methods on each principal type class through which this can be turned off.
And by using Spring MethodInvokingFactoryBeans this can easily be configured through spring assembly.
I'll add a new spring assembly file doing just that for all three principal classes but then commented out so by default everything stays the same.
One example from this assembly file (hierarchical-principal-names.xml):