You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by ay...@apache.org on 2011/07/14 18:09:40 UTC
svn commit: r1146773 - in /cxf/trunk/rt/core/src:
main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java
test/java/org/apache/cxf/interceptor/security/DefaultSecurityContextTest.java
Author: ay
Date: Thu Jul 14 16:09:39 2011
New Revision: 1146773
URL: http://svn.apache.org/viewvc?rev=1146773&view=rev
Log:
[CXF-3655] DefaultSecurityContext to handle implicit roles
Modified:
cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java
cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/DefaultSecurityContextTest.java
Modified: cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java?rev=1146773&r1=1146772&r2=1146773&view=diff
==============================================================================
--- cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java (original)
+++ cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java Thu Jul 14 16:09:39 2011
@@ -68,7 +68,10 @@ public class DefaultSecurityContext impl
public boolean isUserInRole(String role) {
if (subject != null) {
for (Principal principal : subject.getPrincipals()) {
- if (principal instanceof Group && checkGroup((Group)principal, role)) {
+ if (principal instanceof Group && checkGroup((Group)principal, role)) {
+ return true;
+ } else if (p != principal
+ && role.equals(principal.getName())) {
return true;
}
}
Modified: cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/DefaultSecurityContextTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/DefaultSecurityContextTest.java?rev=1146773&r1=1146772&r2=1146773&view=diff
==============================================================================
--- cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/DefaultSecurityContextTest.java (original)
+++ cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/DefaultSecurityContextTest.java Thu Jul 14 16:09:39 2011
@@ -100,5 +100,18 @@ public class DefaultSecurityContextTest
s.getPrincipals().add(group);
assertTrue(new DefaultSecurityContext(p, s).isUserInRole("friend"));
}
+
+ @Test
+ public void testUserInImplicitRoles() {
+ Subject s = new Subject();
+ Principal p = new SimplePrincipal("Barry");
+ s.getPrincipals().add(p);
+ Principal role = new SimplePrincipal("friend");
+ s.getPrincipals().add(role);
+ LoginSecurityContext context = new DefaultSecurityContext(p, s);
+ assertTrue(context.isUserInRole("friend"));
+ assertFalse(context.isUserInRole("family"));
+ assertFalse(context.isUserInRole("Barry"));
+ }
}