[PLUTO-46] PortletRequestImpl: isUserInRole(role) must use aliased role-name in portlet.xml - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Resolution: Fixed
Affects Version/s: unspecified
Fix Version/s: 1.0.1-rc2
Component/s: portlet container
Labels:
None
Environment:
Operating System: Other
Platform: Other

Bugzilla Id:
28708

Description

Method isUserInRole(String) of class
org.apache.pluto.core.impl.PortletRequestImpl must use the security role
reference mapping defined in portlet.xml (spec. jsr168 PLT.20.3).

I propose this new method for the implementation:

BEGIN ======================================================
public boolean isUserInRole(String roleName)
{
boolean userInRole = false;
SecurityRoleRef securityRoleRef = portletWindow.getPortletEntity
().getPortletDefinition().getInitSecurityRoleRefSet().get(roleName);
/*

PLT.20.3:
"... A security-role-ref element MUST be declared by the
portlet
in deployment descriptor with a role-name sub-element
containing
the role-name to be passed to the method."
*/
if ( securityRoleRef != null )
Unknown macro: { String roleLink = securityRoleRef.getRoleLink(); if (roleLink == null) { /* "If the security-role-ref element does not define a role-link element, * the container must default to checking the role- name element argument * against the list of security-role elements defined in the web.xml * deployment descriptor of the portlet application." */ roleLink = roleName; } userInRole = this._getHttpServletRequest().isUserInRole(roleLink); }

return userInRole;
}
END ======================================================

Regards,
Fred. Arnoud

Attachments

Activity

People

Assignee:: Unassigned

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 30/Apr/04 17:36

Updated:: 22/Feb/07 04:58

Resolved:: 30/Jul/04 18:50