Skip to main content
aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJan Bartel2013-07-23 03:20:55 -0400
committerJan Bartel2013-07-23 03:20:55 -0400
commitf19421112a90d993514ae20b09a6a95f18d57a2a (patch)
treeb22b1386e3e26bd091acfa69f981c2dff22a3100
parent0aa2a5b6bbe1efb9cce8818ae0dfefd44b454475 (diff)
downloadorg.eclipse.jetty.project-f19421112a90d993514ae20b09a6a95f18d57a2a.tar.gz
org.eclipse.jetty.project-f19421112a90d993514ae20b09a6a95f18d57a2a.tar.xz
org.eclipse.jetty.project-f19421112a90d993514ae20b09a6a95f18d57a2a.zip
405535 implement Request.isUserInRole(role) check security-role-refs defaulting to security-role if no matching ref
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/DefaultUserIdentity.java12
-rw-r--r--tests/test-webapps/test-servlet-spec/test-spec-webapp/src/main/java/com/acme/RoleAnnotationTest.java2
2 files changed, 10 insertions, 4 deletions
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/DefaultUserIdentity.java b/jetty-security/src/main/java/org/eclipse/jetty/security/DefaultUserIdentity.java
index 28b0cb3a44..dd12b1d911 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/DefaultUserIdentity.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/DefaultUserIdentity.java
@@ -54,13 +54,19 @@ public class DefaultUserIdentity implements UserIdentity
}
public boolean isUserInRole(String role, Scope scope)
- {
+ {
if (scope!=null && scope.getRoleRefMap()!=null)
- role=scope.getRoleRefMap().get(role);
-
+ {
+ String mappedRole = scope.getRoleRefMap().get(role);
+ if (mappedRole != null)
+ role = mappedRole;
+ }
+
for (String r :_roles)
+ {
if (r.equals(role))
return true;
+ }
return false;
}
diff --git a/tests/test-webapps/test-servlet-spec/test-spec-webapp/src/main/java/com/acme/RoleAnnotationTest.java b/tests/test-webapps/test-servlet-spec/test-spec-webapp/src/main/java/com/acme/RoleAnnotationTest.java
index 303f35ca6c..d16b7373a4 100644
--- a/tests/test-webapps/test-servlet-spec/test-spec-webapp/src/main/java/com/acme/RoleAnnotationTest.java
+++ b/tests/test-webapps/test-servlet-spec/test-spec-webapp/src/main/java/com/acme/RoleAnnotationTest.java
@@ -75,7 +75,7 @@ public class RoleAnnotationTest extends HttpServlet
result = request.isUserInRole("manager");
out.println("<br/><b>Result: isUserInRole(\"manager\")="+result+":"+ (result?" <span class=\"pass\">PASS":" <span class=\"fail\">FAIL")+"</span></b>");
result = request.isUserInRole("user");
- out.println("<br/><b>Result: isUserInRole(\"user\")="+result+":"+ (result==false?" <span class=\"pass\">PASS":" <span class=\"fail\">FAIL")+"</span></b>");
+ out.println("<br/><b>Result: isUserInRole(\"user\")="+result+":"+ (result?" <span class=\"pass\">PASS":" <span class=\"fail\">FAIL")+"</span></b>");
String context = _config.getServletContext().getContextPath();
if (!context.endsWith("/"))
context += "/";

Back to the top