/** See if the given JACC permission is implied using the caller as * obtained from either the * PolicyContext.getContext(javax.security.auth.Subject.container) or * the info associated with the requestPrincipal. * * @param perm - the JACC permission to check * @param requestPrincpal - the http request getPrincipal * @param caller the authenticated subject obtained by establishSubjectContext * @return true if the permission is allowed, false otherwise */ private boolean checkPolicy(Permission perm, Principal requestPrincpal, Subject caller, Role role) { // Get the caller principals, its null if there is no caller Principal[] principals = getPrincipals(caller,role); return checkPolicy(perm, principals); }
/** See if the given JACC permission is implied using the caller as * obtained from either the * PolicyContext.getContext(javax.security.auth.Subject.container) or * the info associated with the requestPrincipal. * * @param perm - the JACC permission to check * @param requestPrincpal - the http request getPrincipal * @param caller the authenticated subject obtained by establishSubjectContext * @return true if the permission is allowed, false otherwise */ private boolean checkPolicy(Permission perm, Principal requestPrincpal, Subject caller, Role role) { // Get the caller principals, its null if there is no caller Principal[] principals = getPrincipals(caller,role); return checkPolicy(perm, principals); }