[jboss-cvs] JBossAS SVN: r57798 - projects/security/trunk/src/main/org/jboss/security/plugins
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Oct 24 12:45:39 EDT 2006
Author: anil.saldhana at jboss.com
Date: 2006-10-24 12:45:38 -0400 (Tue, 24 Oct 2006)
New Revision: 57798
Modified:
projects/security/trunk/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java
Log:
Do not reuse the subject roles
Modified: projects/security/trunk/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java
===================================================================
--- projects/security/trunk/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java 2006-10-24 16:44:55 UTC (rev 57797)
+++ projects/security/trunk/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java 2006-10-24 16:45:38 UTC (rev 57798)
@@ -43,6 +43,7 @@
import org.jboss.security.NobodyPrincipal;
import org.jboss.security.SecurityConstants;
import org.jboss.security.SecurityContext;
+import org.jboss.security.SimpleGroup;
import org.jboss.security.Util;
import org.jboss.security.authorization.AuthorizationContext;
import org.jboss.security.authorization.AuthorizationException;
@@ -307,7 +308,7 @@
}
Group userRoles = (Group)sc.getData().get(JBossSecurityContext.ROLES);
- if(userRoles == null)
+ if(userRoles == null || "true".equalsIgnoreCase(SubjectActions.getRefreshSecurityContextRoles()))
emptyContextRoles = true;
userRoles = copyGroups(userRoles, subjectRoles);
@@ -351,15 +352,13 @@
if(toCopy == null)
return source;
if(source == null && toCopy != null)
- source = toCopy;
- else
+ source = new SimpleGroup(SecurityConstants.ROLES_IDENTIFIER);
+ Enumeration en = toCopy.members();
+ while(en.hasMoreElements())
{
- Enumeration en = toCopy.members();
- while(en.hasMoreElements())
- {
- source.addMember((Principal)en.nextElement());
- }
- }
+ source.addMember((Principal)en.nextElement());
+ }
+
return source;
}
More information about the jboss-cvs-commits
mailing list