You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by re...@apache.org on 2021/06/03 14:52:41 UTC
[tomcat] branch 8.5.x updated: Fix missing code from the original
hasRole
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 482bea4 Fix missing code from the original hasRole
482bea4 is described below
commit 482bea4dcfbd52865ff36c04a4896872bbe32bfa
Author: remm <re...@apache.org>
AuthorDate: Thu Jun 3 16:49:52 2021 +0200
Fix missing code from the original hasRole
Otherwise groups were not considered. No idea why I removed it.
Submitted by Carsten Klein.
---
java/org/apache/catalina/realm/UserDatabaseRealm.java | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/catalina/realm/UserDatabaseRealm.java b/java/org/apache/catalina/realm/UserDatabaseRealm.java
index 76757da..eb63a5c 100644
--- a/java/org/apache/catalina/realm/UserDatabaseRealm.java
+++ b/java/org/apache/catalina/realm/UserDatabaseRealm.java
@@ -289,7 +289,17 @@ public class UserDatabaseRealm extends RealmBase {
if (dbrole == null) {
return false;
}
- return user.isInRole(dbrole);
+ if (user.isInRole(dbrole)) {
+ return true;
+ }
+ Iterator<Group> groups = user.getGroups();
+ while (groups.hasNext()) {
+ Group group = groups.next();
+ if (group.isInRole(dbrole)) {
+ return true;
+ }
+ }
+ return false;
}
private Object writeReplace() {
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org