Author: thomas.heute(a)jboss.com
Date: 2011-09-08 05:12:28 -0400 (Thu, 08 Sep 2011)
New Revision: 14015
Modified:
modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/security/AuthorizationProviderImpl.java
Log:
JBEPP-918
Secured content not available through CMSPreviewServlet if LDAP is used
Modified:
modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/security/AuthorizationProviderImpl.java
===================================================================
---
modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/security/AuthorizationProviderImpl.java 2011-09-07
13:04:06 UTC (rev 14014)
+++
modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/security/AuthorizationProviderImpl.java 2011-09-08
09:12:28 UTC (rev 14015)
@@ -493,15 +493,9 @@
permissions.addAll(roleQuery.list());
}
else
- {
-
+ {
- // in the case of LDAP use the IdentityModule
- // now find permissions for all the roles that this user belongs to
- //Set belongedRoles = this.membershipModule.getRoles(this.userModule
- // .findUserByUserName(userId));
-
- Set belongedRoles = getCurrentRoles();
+ Set belongedRoles = getCurrentRoles(userId);
if (belongedRoles != null)
{
@@ -585,7 +579,7 @@
return permissions;
}
- private Set getCurrentRoles() throws PolicyContextException
+ private Set getCurrentRoles(String userId) throws PolicyContextException,
IdentityException
{
Set<String> roles = new HashSet<String>();
@@ -617,6 +611,17 @@
}
}
}
+ // JBEPP-918: Fallback if JACC context is not available,
+ // for instance when the call is coming from the CMSPreviewServlet
+ else
+ {
+ Set ldapRoles =
this.membershipModule.getRoles(this.userModule.findUserByUserName(userId));
+ for (Iterator i = ldapRoles.iterator(); i.hasNext();)
+ {
+ Role role = (Role)i.next();
+ roles.add(role.getName());
+ }
+ }
if(roles.isEmpty())
{
Show replies by date