You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@isis.apache.org by da...@apache.org on 2013/08/15 21:16:48 UTC

git commit: making ShiroAuthenticatorOrAuthorizor#getRoles protected...

Updated Branches:
  refs/heads/master f4568b16e -> b59b1c323


making ShiroAuthenticatorOrAuthorizor#getRoles protected...

... to enable possible overriding by custom impls


Project: http://git-wip-us.apache.org/repos/asf/isis/repo
Commit: http://git-wip-us.apache.org/repos/asf/isis/commit/b59b1c32
Tree: http://git-wip-us.apache.org/repos/asf/isis/tree/b59b1c32
Diff: http://git-wip-us.apache.org/repos/asf/isis/diff/b59b1c32

Branch: refs/heads/master
Commit: b59b1c323c2e26ffdec9ca62c23daab8c770402a
Parents: f4568b1
Author: Dan Haywood <da...@apache.org>
Authored: Thu Aug 15 20:16:37 2013 +0100
Committer: Dan Haywood <da...@apache.org>
Committed: Thu Aug 15 20:16:37 2013 +0100

----------------------------------------------------------------------
 .../isis/security/shiro/ShiroAuthenticatorOrAuthorizor.java   | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/isis/blob/b59b1c32/component/security/shiro/src/main/java/org/apache/isis/security/shiro/ShiroAuthenticatorOrAuthorizor.java
----------------------------------------------------------------------
diff --git a/component/security/shiro/src/main/java/org/apache/isis/security/shiro/ShiroAuthenticatorOrAuthorizor.java b/component/security/shiro/src/main/java/org/apache/isis/security/shiro/ShiroAuthenticatorOrAuthorizor.java
index 23c763a..b08cd1a 100644
--- a/component/security/shiro/src/main/java/org/apache/isis/security/shiro/ShiroAuthenticatorOrAuthorizor.java
+++ b/component/security/shiro/src/main/java/org/apache/isis/security/shiro/ShiroAuthenticatorOrAuthorizor.java
@@ -163,7 +163,12 @@ public class ShiroAuthenticatorOrAuthorizor implements Authenticator, Authorizor
         return new SimpleSession(request.getName(), roles, code);
     }
 
-    private List<String> getRoles(final AuthenticationToken token) {
+    /**
+     * This method has protected visibility to allow for custom implementations
+     * in the future that might obtain the list of roles for a principal from
+     * somewherte other than Shiro's {@link RealmSecurityManager}.
+     */
+    protected List<String> getRoles(final AuthenticationToken token) {
         final List<String> roles = Lists.newArrayList();
 
         RealmSecurityManager securityManager = getSecurityManager();