Java Code Examples for org.apache.catalina.Realm#hasRole()

The following examples show how to use org.apache.catalina.Realm#hasRole() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: Request.java    From Tomcat7.0.67 with Apache License 2.0 6 votes vote down vote up 
/**
 * Return <code>true</code> if the authenticated user principal
 * possesses the specified role name.
 *
 * @param role Role name to be validated
 */
@Override
public boolean isUserInRole(String role) {

    // Have we got an authenticated principal at all?
    if (userPrincipal == null) {
        return false;
    }

    // Identify the Realm we will use for checking role assignments
    if (context == null) {
        return false;
    }

    Realm realm = context.getRealm();
    if (realm == null) {
        return false;
    }

    // Check for a role defined directly as a <security-role>
    return (realm.hasRole(wrapper, userPrincipal, role));
}
Example 2
Source File: Request.java    From tomcatsrc with Apache License 2.0 6 votes vote down vote up 
/**
 * Return <code>true</code> if the authenticated user principal
 * possesses the specified role name.
 *
 * @param role Role name to be validated
 */
@Override
public boolean isUserInRole(String role) {

    // Have we got an authenticated principal at all?
    if (userPrincipal == null) {
        return false;
    }

    // Identify the Realm we will use for checking role assignments
    if (context == null) {
        return false;
    }

    Realm realm = context.getRealm();
    if (realm == null) {
        return false;
    }

    // Check for a role defined directly as a <security-role>
    return (realm.hasRole(wrapper, userPrincipal, role));
}
Example 3
Source File: Tomcat7Valve.java    From flex-blazeds with Apache License 2.0 6 votes vote down vote up 
public boolean authorize(Principal principal, List roles)
{
    Realm realm = valve.getContainer().getRealm();
    Iterator iter = roles.iterator();
    while (iter.hasNext())
    {
        String role = (String)iter.next();
        // For Tomcat 7, we need to get the wrapper from the request to support role mapping in the web.xml.
        // This is only supported for servlet endpoints. For NIO endpoints, the wrapper will be null.
        Wrapper wrapper = null;
        if (request != null)
        {
            // in the servlet case get the wrapper
            wrapper = request.getWrapper();
        }
        // for nio the wrapper will be null
        if (realm.hasRole(wrapper, principal, role))
            return true;
    }
    return false;
}
Example 4
Source File: Request.java    From Tomcat8-Source-Read with MIT License 5 votes vote down vote up 
/**
 * @return <code>true</code> if the authenticated user principal
 * possesses the specified role name.
 *
 * @param role Role name to be validated
 */
@Override
public boolean isUserInRole(String role) {

    // Have we got an authenticated principal at all?
    if (userPrincipal == null) {
        return false;
    }

    // Identify the Realm we will use for checking role assignments
    Context context = getContext();
    if (context == null) {
        return false;
    }

    // If the role is "*" then the return value must be false
    // Servlet 31, section 13.3
    if ("*".equals(role)) {
        return false;
    }

    // If the role is "**" then, unless the application defines a role with
    // that name, only check if the user is authenticated
    if ("**".equals(role) && !context.findSecurityRole("**")) {
        return userPrincipal != null;
    }

    Realm realm = context.getRealm();
    if (realm == null) {
        return false;
    }

    // Check for a role defined directly as a <security-role>
    return realm.hasRole(getWrapper(), userPrincipal, role);
}
Example 5
Source File: TomcatValve.java    From flex-blazeds with Apache License 2.0 5 votes vote down vote up 
public boolean authorize(Principal principal, List roles)
{
    Realm realm = container.getRealm();
    Iterator iter = roles.iterator();
    while (iter.hasNext())
    {
        String role = (String)iter.next();
        if (realm.hasRole(principal, role))
            return true;
    }
    return false;
}
Example 6
Source File: TomcatValve4150.java    From flex-blazeds with Apache License 2.0 5 votes vote down vote up 
public boolean authorize(Principal principal, List roles)
{

    Realm realm = container.getRealm();
    Iterator iter = roles.iterator();
    while (iter.hasNext())
    {
        String role = (String)iter.next();
        if (realm.hasRole(principal, role))
            return true;
    }
    return false;
}
Example 7
Source File: TomEERealm.java    From tomee with Apache License 2.0 5 votes vote down vote up 
@Override
public boolean hasRole(final Wrapper wrapper, final Principal principal, final String rawRole) {
    String role = rawRole;

    // Check for a role alias defined in a <security-role-ref> element
    if (wrapper != null) {
        final String realRole = wrapper.findSecurityReference(role);
        if (realRole != null) {
            role = realRole;
        }
    }

    if (principal == null || role == null) {
        return false;
    }

    if (principal instanceof  GenericPrincipal) {
        return ((GenericPrincipal) principal).hasRole(role);
    }

    for (final Realm realm : realms) { // when used implicitely (always?) realms.size == 1 so no need of a strategy
        if (realm.hasRole(wrapper, principal, rawRole)) {
            return true;
        }
    }
    return false;
}