use of javax.security.enterprise.identitystore.IdentityStorePermission in project tomee by apache.
the class TomEEDefaultIdentityStore method getCallerGroups.
@Override
public Set<String> getCallerGroups(final CredentialValidationResult validationResult) {
final SecurityManager securityManager = System.getSecurityManager();
if (securityManager != null) {
securityManager.checkPermission(new IdentityStorePermission("getGroups"));
}
final User user = getUser(validationResult.getCallerPrincipal().getName());
return getUserRoles(user);
}
use of javax.security.enterprise.identitystore.IdentityStorePermission in project tomee by apache.
the class TomEELDAPIdentityStore method getCallerGroups.
@Override
public Set<String> getCallerGroups(final CredentialValidationResult validationResult) {
final SecurityManager securityManager = System.getSecurityManager();
if (securityManager != null) {
securityManager.checkPermission(new IdentityStorePermission("getGroups"));
}
LdapContext ldapContext = null;
try {
ldapContext = lookup(definition.url(), definition.bindDn(), definition.bindDnPassword());
String callerDn = validationResult.getCallerDn();
// if not set as CallerDn, try to find it based on the principal name
if (StringUtils.isEmpty(callerDn)) {
callerDn = getCallerDn(ldapContext, validationResult.getCallerPrincipal().getName());
}
return getGroupsWithCallerDn(ldapContext, callerDn);
} finally {
silentlyCloseLdapContext(ldapContext);
}
}
Aggregations