405535 Implement Request.isUserInRole(role) check security-role-refs defaulting to security-role if no matching ref
This commit is contained in:
parent
1092201341
commit
6020321845
|
@ -54,12 +54,21 @@ public class DefaultUserIdentity implements UserIdentity
|
|||
}
|
||||
|
||||
public boolean isUserInRole(String role, Scope scope)
|
||||
{
|
||||
{
|
||||
//Servlet Spec 3.1, pg 125
|
||||
if ("*".equals(role))
|
||||
return false;
|
||||
|
||||
String roleToTest = null;
|
||||
if (scope!=null && scope.getRoleRefMap()!=null)
|
||||
role=scope.getRoleRefMap().get(role);
|
||||
roleToTest=scope.getRoleRefMap().get(role);
|
||||
|
||||
//Servlet Spec 3.1, pg 125
|
||||
if (roleToTest == null)
|
||||
roleToTest = role;
|
||||
|
||||
for (String r :_roles)
|
||||
if (r.equals(role))
|
||||
if (r.equals(roleToTest))
|
||||
return true;
|
||||
return false;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue