/** * Filters entity descriptor roles. * * @param descriptor entity descriptor to filter * * @throws FilterException thrown if an effective role name can not be determined */ protected void filterEntityDescriptor(EntityDescriptor descriptor) throws FilterException { List<RoleDescriptor> roles = descriptor.getRoleDescriptors(); if (roles != null && !roles.isEmpty()) { Iterator<RoleDescriptor> rolesItr = roles.iterator(); QName roleName; while (rolesItr.hasNext()) { roleName = getRoleName(rolesItr.next()); if (!roleWhiteList.contains(roleName)) { log.trace("Filtering out role {} from entity {}", roleName, descriptor.getEntityID()); rolesItr.remove(); } } } }