Authorization auth = systemRoles.getAuthorization((User) userAdmin.getRole(role));
sysRoles.addAll(Arrays.asList(auth.getRoles()));
}
+ addAbstractSystemRoles(rawAuthorization, sysRoles);
Authorization authorization = new AggregatingAuthorization(rawAuthorization.getName(),
rawAuthorization.toString(), sysRoles, rawAuthorization.getRoles());
return authorization;
}
+ /**
+ * Enrich with application-specific roles which are strictly programmatic, such
+ * as anonymous/user semantics.
+ */
+ protected void addAbstractSystemRoles(Authorization rawAuthorization, Set<String> sysRoles) {
+
+ }
+
//
// USER ADMIN AGGREGATOR
//
private UserAdmin findUserAdmin(String name) {
try {
- return findUserAdmin(new LdapName(name));
+ UserAdmin userAdmin = findUserAdmin(new LdapName(name));
+ return userAdmin;
} catch (InvalidNameException e) {
throw new UserDirectoryException("Badly formatted name " + name, e);
}
return systemRoles;
List<UserAdmin> res = new ArrayList<UserAdmin>(1);
for (LdapName baseDn : businessRoles.keySet()) {
- if (name.startsWith(baseDn))
- res.add(businessRoles.get(baseDn));
+ if (name.startsWith(baseDn)) {
+ AbstractUserDirectory ud = businessRoles.get(baseDn);
+ if (!ud.isDisabled())
+ res.add(ud);
+ }
}
if (res.size() == 0)
throw new UserDirectoryException("Cannot find user admin for " + name);
}
/**
- * Called before each user directory is destroyed, so that additional
- * actions can be performed.
+ * Called before each user directory is destroyed, so that additional actions
+ * can be performed.
*/
protected void preDestroy(AbstractUserDirectory userDirectory) {
}