Sorry for your trouble. It's probably best to post a separate issue if you want attention faster :) or contact support. However, since I am accidentally here...
Sounds like you might have a prof. edition, no?
Yes, in 5.1, code has gone through some refactoring. We accidentally dropped this replace. Ooops. We are going to put it back in 5.2.
For you, you have this option 1, unless you are using LDAP:
You can follow the old authentication cookbook and configure this the old way, which is going to utilize the old code. 1 thing you would absolutely need to do though is to re-add JIAuthenticationSynchronizer in /** filter chain after delegatingRequestParameterAuthenticationFilter (in filterChainProxy bean in applicationContext-security-web.xml). Now, I have not tested this personally ..., but it should work.
If you are on LDAP, we are in trouble, as we dropped com.jaspersoft.jasperserver.multipleTenancy.ldap.LdapExternalUserProcessor by accident.
We have since re-added it to 5.2
Hence, Option 2 is to map your external roles with spaces to JRS internal ones in the new 5.1 config. To do that, setup key-value pairs in organizationRoleMap property of mtExternalUserSetupProcessor bean.
ROLE ADMIN EXTERNAL ORGANIZATION
ROLE_ADMIN_EXTERNAL_ORGANIZATION|*
Note |*, it will assign organization id to the role, which usually is not the case.
Good luck