I have an application that contains a WAS specific configuration file 'ibm-application-bnd.xml' set in which is mapping some application roles to some LDAP groups.
What is possible and what solutions can I explore with (1) and (2) above?
Assuming you want to do this on WebSphere and not another server, see IBM KnowledgeCenter topic https://www.ibm.com/support/knowledgecenter/SSEQTP_9.0.5/com.ibm.websphere.base.doc/ae/crun_app_bindings.html When you deploy the application you can override the bindings contained in the xml file interactively through the admin console, or through scripting with the wsadmin tool. Typically, to deploy the application in different server environments, you would use the wsadmin tool and one or more scripts to deploy the app and bind server resources to app references.