[jboss-user] [EJB 3.0] - Re: Programmatically query @RolesAllowed or if caller can ac

Juergen.Zimmermann do-not-reply at jboss.com
Tue Aug 8 02:04:44 EDT 2006


You also can do it this way


  | // Get the authentified subject
  | Subject subject = null;
  | try {
  |    subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");
  | }
  | catch (PolicyContextException e) {
  |    LOG.error(...);
  | }
  | if (DEBUG) LOG.debug("Subject: " + subject);
  | 
  | // Get all roles of the authentified subject
  | // JBoss proprietary: via SimpleGroup
  | final Set<Principal> principals = subject.getPrincipals(Principal.class);
  | for (Principal p: principals) {
  |    if (p instanceof SimpleGroup) {
  |       final SimpleGroup sg = (SimpleGroup) p;
  |       if ("Roles".equals(sg.getName())) {
  |          final Enumeration roles = sg.members();
  |          while (roles.hasMoreElements()) {
  |             final String r = roles.nextElement().toString();
  |             if (DEBUG) LOG.debug("..." + r);
  |          }
  |       }
  |    }
  | }

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3963701#3963701

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3963701



More information about the jboss-user mailing list