All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.eclipse.jetty.plus.jaas.StrictRoleCheckPolicy Maven / Gradle / Ivy

//
//  ========================================================================
//  Copyright (c) 1995-2012 Mort Bay Consulting Pty. Ltd.
//  ------------------------------------------------------------------------
//  All rights reserved. This program and the accompanying materials
//  are made available under the terms of the Eclipse Public License v1.0
//  and Apache License v2.0 which accompanies this distribution.
//
//      The Eclipse Public License is available at
//      http://www.eclipse.org/legal/epl-v10.html
//
//      The Apache License v2.0 is available at
//      http://www.opensource.org/licenses/apache2.0.php
//
//  You may elect to redistribute this code under either of these licenses.
//  ========================================================================
//

package org.eclipse.jetty.plus.jaas;

import java.security.Principal;
import java.security.acl.Group;
import java.util.Enumeration;


/* ---------------------------------------------------- */
/** StrictRoleCheckPolicy
 * 

Enforces that if a runAsRole is present, then the * role to check must be the same as that runAsRole and * the set of static roles is ignored. * * * * @org.apache.xbean.XBean description ="Check only topmost role in stack of roles for user" */ public class StrictRoleCheckPolicy implements RoleCheckPolicy { public boolean checkRole (String roleName, Principal runAsRole, Group roles) { //check if this user has had any temporary role pushed onto //them. If so, then only check if the user has that role. if (runAsRole != null) { return (roleName.equals(runAsRole.getName())); } else { if (roles == null) return false; Enumeration rolesEnum = roles.members(); boolean found = false; while (rolesEnum.hasMoreElements() && !found) { Principal p = (Principal)rolesEnum.nextElement(); found = roleName.equals(p.getName()); } return found; } } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy