Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

405535 implement Request.isUserInRole(role) check security-role-refs defaulting to security-role if no matching ref

This commit is contained in:
Jan Bartel 2013-07-23 17:20:55 +10:00
parent 0aa2a5b6bb
commit f19421112a
2 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
jetty-security/src/main/java/org/eclipse/jetty/security/DefaultUserIdentity.java
View File

@ -56,11 +56,17 @@ public class DefaultUserIdentity implements UserIdentity
public boolean isUserInRole(String role, Scope scope) public boolean isUserInRole(String role, Scope scope)
{ {
if (scope!=null && scope.getRoleRefMap()!=null) if (scope!=null && scope.getRoleRefMap()!=null)
role=scope.getRoleRefMap().get(role); {
String mappedRole = scope.getRoleRefMap().get(role);
if (mappedRole != null)
role = mappedRole;
}
for (String r :_roles) for (String r :_roles)
{
if (r.equals(role)) if (r.equals(role))
return true; return true;
}
return false; return false;
} }

2
tests/test-webapps/test-servlet-spec/test-spec-webapp/src/main/java/com/acme/RoleAnnotationTest.java
View File

@ -75,7 +75,7 @@ public class RoleAnnotationTest extends HttpServlet
result = request.isUserInRole("manager"); result = request.isUserInRole("manager");
out.println("<br/><b>Result: isUserInRole(\"manager\")="+result+":"+ (result?" <span class=\"pass\">PASS":" <span class=\"fail\">FAIL")+"</span></b>"); out.println("<br/><b>Result: isUserInRole(\"manager\")="+result+":"+ (result?" <span class=\"pass\">PASS":" <span class=\"fail\">FAIL")+"</span></b>");
result = request.isUserInRole("user"); result = request.isUserInRole("user");
out.println("<br/><b>Result: isUserInRole(\"user\")="+result+":"+ (result==false?" <span class=\"pass\">PASS":" <span class=\"fail\">FAIL")+"</span></b>"); out.println("<br/><b>Result: isUserInRole(\"user\")="+result+":"+ (result?" <span class=\"pass\">PASS":" <span class=\"fail\">FAIL")+"</span></b>");
String context = _config.getServletContext().getContextPath(); String context = _config.getServletContext().getContextPath();
if (!context.endsWith("/")) if (!context.endsWith("/"))
context += "/"; context += "/";