From f19421112a90d993514ae20b09a6a95f18d57a2a Mon Sep 17 00:00:00 2001
From: Jan Bartel
Date: Tue, 23 Jul 2013 17:20:55 +1000
Subject: 405535 implement Request.isUserInRole(role) check security-role-refs
 defaulting to security-role if no matching ref

---
 .../java/org/eclipse/jetty/security/DefaultUserIdentity.java | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

(limited to 'jetty-security')

diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/DefaultUserIdentity.java b/jetty-security/src/main/java/org/eclipse/jetty/security/DefaultUserIdentity.java
index 28b0cb3a44..dd12b1d911 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/DefaultUserIdentity.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/DefaultUserIdentity.java
@@ -54,13 +54,19 @@ public class DefaultUserIdentity implements UserIdentity
     }
 
     public boolean isUserInRole(String role, Scope scope)
-    {
+    {  
         if (scope!=null && scope.getRoleRefMap()!=null)
-            role=scope.getRoleRefMap().get(role);
-
+        {
+            String mappedRole = scope.getRoleRefMap().get(role);
+            if (mappedRole != null)
+                role = mappedRole;
+        }
+        
         for (String r :_roles)
+        {
             if (r.equals(role))
                 return true;
+        }
         return false;
     }
 
-- 
cgit v1.2.3