1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.eclipse.jetty.security;
20
21 import java.util.Set;
22
23 import org.eclipse.jetty.server.Authentication.User;
24 import org.eclipse.jetty.server.UserIdentity;
25 import org.eclipse.jetty.server.UserIdentity.Scope;
26
27
28
29
30
31
32
33 public abstract class AbstractUserAuthentication implements User
34 {
35 protected String _method;
36 protected UserIdentity _userIdentity;
37
38
39 public AbstractUserAuthentication(String method, UserIdentity userIdentity)
40 {
41 _method = method;
42 _userIdentity = userIdentity;
43 }
44
45
46 @Override
47 public String getAuthMethod()
48 {
49 return _method;
50 }
51
52 @Override
53 public UserIdentity getUserIdentity()
54 {
55 return _userIdentity;
56 }
57
58 @Override
59 public boolean isUserInRole(Scope scope, String role)
60 {
61 String roleToTest = null;
62 if (scope!=null && scope.getRoleRefMap()!=null)
63 roleToTest=scope.getRoleRefMap().get(role);
64 if (roleToTest==null)
65 roleToTest=role;
66
67 if ("**".equals(roleToTest.trim()))
68 {
69
70
71
72 if (!declaredRolesContains("**"))
73 return true;
74 else
75 return _userIdentity.isUserInRole(role, scope);
76 }
77
78 return _userIdentity.isUserInRole(role, scope);
79 }
80
81 public boolean declaredRolesContains(String roleName)
82 {
83 SecurityHandler security=SecurityHandler.getCurrentSecurityHandler();
84 if (security==null)
85 return false;
86
87 if (security instanceof ConstraintAware)
88 {
89 Set<String> declaredRoles = ((ConstraintAware)security).getRoles();
90 return (declaredRoles != null) && declaredRoles.contains(roleName);
91 }
92
93 return false;
94 }
95 }