I have a J2EE application, and with this I would like to create users and asign them to specific roles.
I use the ADD_USER (http://docs.oracle.com/cd/E28389_01/doc.1111/e11011/c04_core.htm#autoId251) service but it seems I cannot specify the role. And I cannot find a way to do so.
As of 11g, the recommended and preferred method of managing users is with an external LDAP user store. If you user standard LDAP to add users into your user store, then they will be WCC users as per your mapping configuration.
Correct. Simply put, in 11g, the users are all 'external' users opposed to the 'local', 'global', 'external' options in earlier releases. You still manage the roles to security group mappings in the User Admin applet (and manage the predefined accts as well), but you'll want to populate the WLS LDAP in your case. then use the jpsprovider to setup the user store.
The ldap groups (i.e., cn's) that you register the user with in the ldap will turn into the WCC roles and accounts. This is the same process as using a ldapprovider in the 10g and earlier versions.
Adding to the discussion and point that Ryan mentioned , another option would be to create users on WLS / LDAP and then use credential maps on UCM to give the external users desired roles / accounts when they login to UCM .