Posted to commits@cxf.apache.org by ay...@apache.org on 2011/07/14 18:09:40 UTC

svn commit: r1146773 - in /cxf/trunk/rt/core/src: main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java test/java/org/apache/cxf/interceptor/security/DefaultSecurityContextTest.java

Author: ay
Date: Thu Jul 14 16:09:39 2011
New Revision: 1146773

URL: http://svn.apache.org/viewvc?rev=1146773&view=rev
Log:
[CXF-3655] DefaultSecurityContext to handle implicit roles

Modified:
    cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java
    cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/DefaultSecurityContextTest.java

Modified: cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java?rev=1146773&r1=1146772&r2=1146773&view=diff
==============================================================================
--- cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java (original)
+++ cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java Thu Jul 14 16:09:39 2011
@@ -68,7 +68,10 @@ public class DefaultSecurityContext impl
     public boolean isUserInRole(String role) {
         if (subject != null) {
             for (Principal principal : subject.getPrincipals()) {
-                if (principal instanceof Group && checkGroup((Group)principal, role)) { 
+                if (principal instanceof Group && checkGroup((Group)principal, role)) {
+                    return true;
+                } else if (p != principal
+                           && role.equals(principal.getName())) {
                     return true;
                 }
             }
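Review bot: The new `else if` branch accepts every non-Group principal in the Subject other than `p` as a role name, and it excludes the user only by reference (`p != principal`). If the Subject holds an equal but distinct instance of the user principal, or a login module adds other identity principals whose `getName()` matches a role name, `isUserInRole` could return true for a name that was never granted as a role. Consider `} else if (!principal.equals(p) && role.equals(principal.getName())) {`, with a comment above the branch stating that non-Group principals are treated as implicit roles, so deployers can judge which login modules this is safe with. `role.equals(...)` also throws a NullPointerException for a null `role` unless the part of the method outside this hunk guards against it; the method body continues past the hunk.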

Modified: cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/DefaultSecurityContextTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/DefaultSecurityContextTest.java?rev=1146773&r1=1146772&r2=1146773&view=diff
==============================================================================
--- cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/DefaultSecurityContextTest.java (original)
+++ cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/DefaultSecurityContextTest.java Thu Jul 14 16:09:39 2011
@@ -100,5 +100,18 @@ public class DefaultSecurityContextTest 
         s.getPrincipals().add(group);
         assertTrue(new DefaultSecurityContext(p, s).isUserInRole("friend"));
     }
+
+    @Test
+    public void testUserInImplicitRoles() {
+        Subject s = new Subject();
+        Principal p = new SimplePrincipal("Barry");
+        s.getPrincipals().add(p);
+        Principal role = new SimplePrincipal("friend");
+        s.getPrincipals().add(role);
+        LoginSecurityContext context = new DefaultSecurityContext(p, s); 
+        assertTrue(context.isUserInRole("friend"));
+        assertFalse(context.isUserInRole("family"));
+        assertFalse(context.isUserInRole("Barry"));
+    }
     
 }
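Review bot: `assertFalse(context.isUserInRole("Barry"))` passes only because the Subject holds the very same `p` instance that is handed to the constructor, so the test does not cover a Subject whose user principal is a separate but equal object. A further case that adds only `new SimplePrincipal("Barry")` to the Subject and passes a different `new SimplePrincipal("Barry")` as `p`, then asserts `assertFalse(new DefaultSecurityContext(p, s).isUserInRole("Barry"));`, would pin down whether the user's own name can count as a role. With the reference comparison shown in the DefaultSecurityContext hunk, that assertion is expected to fail, which is the behaviour worth deciding on explicitly. A case with a non-role principal of another type in the Subject would document the intended scope of "implicit roles" as well.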