[security-dev] query role mappings of a particular partition
Pedro Igor Silva
psilva at redhat.com
Mon Jun 24 10:15:27 EDT 2013
----- Original Message -----
> From: "Bill Burke" <bburke at redhat.com>
> To: security-dev at lists.jboss.org
> Sent: Monday, June 24, 2013 9:21:18 AM
> Subject: [security-dev] query role mappings of a particular partition
>
> If I have Users defined in one partition (a realm) and roles defined in
> another partition (Tier), how do I:
>
> * grant a tier role to a realm user?
Is just a matter of creating/loading a role for a specific Tier and use IM.grantRole(user, role). You can check if an user has a specific role by using IM.hasRole method.
We have some test cases for that.
> * query grants of a user for a specific tier?
>
You can use the Query API for that. Something like this:
// here we create an IM for a specific Tier
IdentityManager applicationA = getIdentityManagerFactory().createIdentityManager(new Tier("Application A");
IdentityQuery<Role> query = applicationA.createIdentityQuery(Role.class);
// query all roles associated with user
query.setParameter(Role.ROLE_OF, user);
List<Role> result = query.getResultList();
Or:
RelationshipQuery<Grant> relationshipQuery = identityManager.createRelationshipQuery(Grant.class);
relationshipQuery.setParameter(Grant.ASSIGNEE, user);
List<Grant> resultList = relationshipQuery.getResultList();
> I guess I have to query for all the Grants for a particular user, then
> filter them out based on the Role's partition?
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev
>
More information about the security-dev
mailing list