405535 Implement Request.isUserInRole(role) check security-role-refs defaulting to security-role if no matching ref

This commit is contained in:
Jan Bartel 2013-04-15 18:23:32 +10:00
parent 1092201341
commit 6020321845
1 changed files with 12 additions and 3 deletions

View File

@ -54,12 +54,21 @@ public class DefaultUserIdentity implements UserIdentity
}
public boolean isUserInRole(String role, Scope scope)
{
{
//Servlet Spec 3.1, pg 125
if ("*".equals(role))
return false;
String roleToTest = null;
if (scope!=null && scope.getRoleRefMap()!=null)
role=scope.getRoleRefMap().get(role);
roleToTest=scope.getRoleRefMap().get(role);
//Servlet Spec 3.1, pg 125
if (roleToTest == null)
roleToTest = role;
for (String r :_roles)
if (r.equals(role))
if (r.equals(roleToTest))
return true;
return false;
}