@Override protected Collection<GeoServerRole> getRoles(HttpServletRequest request, String principal) throws IOException { if (J2eeAuthenticationBaseFilterConfig.J2EERoleSource.J2EE.equals(getRoleSource())) { return getRolesFromJ2EE(request, principal); } return super.getRoles(request, principal); }
/** * Implements roles retrieval from the J2EE container. * * @param request * @param principal * @throws IOException */ protected Collection<GeoServerRole> getRolesFromJ2EE( HttpServletRequest request, String principal) throws IOException { Collection<GeoServerRole> roles = new ArrayList<GeoServerRole>(); boolean useActiveService = getRoleServiceName() == null || getRoleServiceName().trim().length() == 0; GeoServerRoleService service = useActiveService ? getSecurityManager().getActiveRoleService() : getSecurityManager().loadRoleService(getRoleServiceName()); for (GeoServerRole role : service.getRoles()) if (request.isUserInRole(role.getAuthority())) roles.add(role); RoleCalculator calc = new RoleCalculator(service); calc.addInheritedRoles(roles); calc.addMappedSystemRoles(roles); return roles; } }
@Override public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException { super.initializeFromConfig(config); // not needed at the moment // X509CertificateAuthenticationFilterConfig authConfig = // (X509CertificateAuthenticationFilterConfig) config; setPrincipalExtractor(new SubjectDnX509PrincipalExtractor()); }