import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
-import java.security.acl.Group;
import java.util.HashSet;
import java.util.Locale;
import java.util.Set;
import org.argeo.cms.CmsException;
import org.argeo.cms.internal.auth.CmsSessionImpl;
+import org.argeo.cms.internal.auth.ImpliedByPrincipal;
import org.argeo.cms.internal.kernel.Activator;
import org.argeo.node.NodeConstants;
import org.osgi.service.useradmin.Authorization;
public final static Set<String> roles(Subject subject) {
Set<String> roles = new HashSet<String>();
roles.add(getUsername(subject));
- for (Principal group : subject.getPrincipals(Group.class)) {
+ for (Principal group : subject.getPrincipals(ImpliedByPrincipal.class)) {
roles.add(group.getName());
}
return roles;
package org.argeo.cms.internal.auth;
import java.security.Principal;
-import java.security.acl.Group;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashSet;
/**
* A {@link Principal} which has been implied by an {@link Authorization}. If it
- * is empty it meeans this is an additional identity, otherwise it lists the
+ * is empty it means this is an additional identity, otherwise it lists the
* users (typically the logged in user but possibly empty
* {@link ImpliedByPrincipal}s) which have implied it. When an additional
- * identityx is removed, the related {@link ImpliedByPrincipal}s can thus be
+ * identity is removed, the related {@link ImpliedByPrincipal}s can thus be
* removed.
*/
-public final class ImpliedByPrincipal implements Group {
+public final class ImpliedByPrincipal implements Principal {
private final LdapName name;
private Set<Principal> causes = new HashSet<Principal>();
causes.add(userPrincipal);
}
- @Override
public String getName() {
return name.toString();
}
- @Override
public boolean addMember(Principal user) {
throw new UnsupportedOperationException();
}
- @Override
public boolean removeMember(Principal user) {
throw new UnsupportedOperationException();
}
- @Override
public boolean isMember(Principal member) {
return causes.contains(member);
}
- @Override
public Enumeration<? extends Principal> members() {
return Collections.enumeration(causes);
}