Found this document http://ftp.bredex.de/rcp-auth/RCP_Authorization.pdf which looks interesting. There is also a FAQ on the RAP site which covers this topic but I couldn't get it to work as I expected. The downloadable demo didn't function either :-(
More info found here https://bugs.eclipse.org/bugs/show_bug.cgi?id=71857
You could try using the activities mechanism for this. See http://help.eclipse.org/help30/topic/org.eclipse.platform.doc.isv/guide/workbench_advext_activities.htm You would: - define separate activities corresponding to the different access levels - define your actions in regular action sets, grouped according to access level - associate each activity with the appropriate action sets via activityPatternBinding elements - set the enabled activity ids after authentication, early in the workbench lifecycle, e.g. from your WorkbenchAdvisor's preStartup() method. You may want to define dependencies between access levels (e.g. level A includes level B) using the activityRequirementBinding element. Note that this mechanism also supports dynamic changes to the set of enabled activities.
An article from IBM http://www.ibm.com/developerworks/opensource/library/os-ecl-rcpsec/index.html
RAP Wiki http://wiki.eclipse.org/RAP/Equinox_Security_Integration