2 // ========================================================================
3 // Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
4 // ------------------------------------------------------------------------
5 // All rights reserved. This program and the accompanying materials
6 // are made available under the terms of the Eclipse Public License v1.0
7 // and Apache License v2.0 which accompanies this distribution.
9 // The Eclipse Public License is available at
10 // http://www.eclipse.org/legal/epl-v10.html
12 // The Apache License v2.0 is available at
13 // http://www.opensource.org/licenses/apache2.0.php
15 // You may elect to redistribute this code under either of these licenses.
16 // ========================================================================
19 package org.eclipse.jetty.security;
21 import java.io.Serializable;
24 import org.eclipse.jetty.server.Authentication.User;
25 import org.eclipse.jetty.server.UserIdentity;
26 import org.eclipse.jetty.server.UserIdentity.Scope;
29 * AbstractUserAuthentication
32 * Base class for representing an authenticated user.
34 public abstract class AbstractUserAuthentication implements User, Serializable
private static final long serialVersionUID = -6290411814232723403L;
// Authentication method label; a regular (non-transient) field, so it is written out with the object.
protected String _method;
// Declared transient: default Java serialization does not write this field, so an instance read back
// from a stream holds null here until something re-establishes the identity.
// NOTE(review): nothing in this class restores it; presumably subclasses do so on readObject (confirm).
// Until then getUserIdentity() yields null and role checks that dereference the field will throw.
protected transient UserIdentity _userIdentity;
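/**
 * Creates an authentication record for a user.
 *
 * @param method the authentication method label kept in {@code _method}
 * @param userIdentity the identity this authentication represents; stored as given, with no null check
 */
public AbstractUserAuthentication(String method, UserIdentity userIdentity)
{
    // Both arguments are retained; leaving _method unassigned would make the
    // authentication method read as null for every instance.
    _method = method;
    _userIdentity = userIdentity;
}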
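/**
 * Returns the authentication method label held in {@code _method}.
 *
 * @return the stored authentication method, or {@code null} if none was set
 */
@Override
public String getAuthMethod()
{
    return _method;
}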
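/**
 * Returns the identity held in {@code _userIdentity}.
 *
 * @return the stored identity; {@code null} when none was supplied, and also after this object has
 *         been deserialized, because the field is transient. Callers making an access decision
 *         should treat {@code null} as "not authenticated".
 */
@Override
public UserIdentity getUserIdentity()
{
    return _userIdentity;
}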
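/**
 * Tests whether the authenticated user is in the given role.
 * <p>
 * The role name is first looked up in the scope's role-reference map, when the scope has one.
 * A name with no entry in that map is tested as given. The special role {@code **}
 * (Servlet Spec 3.1 pg 125) is granted to any authenticated user unless the application has
 * declared a real role named {@code **}; in that case, and for every other role name, the decision
 * is delegated to the stored {@link UserIdentity}.
 * <p>
 * The stored identity is transient, so it is {@code null} on an instance that has been
 * deserialized and not had its identity restored. The delegated check then throws
 * {@link NullPointerException} rather than returning a result.
 *
 * @param scope the scope whose role-reference map is consulted; may be {@code null}
 * @param role the role name as used by the caller
 * @return {@code true} if the user is considered to be in the role
 */
@Override
public boolean isUserInRole(Scope scope, String role)
{
    String roleToTest = null;
    if (scope != null && scope.getRoleRefMap() != null)
    {
        roleToTest = scope.getRoleRefMap().get(role);
    }
    // A role with no role-ref entry (or a call with no scope or map at all) is the common case.
    // Fall back to the name as given so the "**" test below does not dereference null.
    if (roleToTest == null)
    {
        roleToTest = role;
    }

    // Servlet Spec 3.1 pg 125: testing the special role **.
    // This is the only path that answers true without consulting the identity's own roles, so it
    // is limited to the literal "**" and only when "**" is NOT a declared role name. If "**" HAS
    // been declared as a role name, the user must actually hold that role.
    if (roleToTest != null && "**".equals(roleToTest.trim()) && !declaredRolesContains("**"))
    {
        return true;
    }

    // The original role name and scope are passed through unchanged.
    return _userIdentity.isUserInRole(role, scope);
}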
84 public boolean declaredRolesContains(String roleName)
86 SecurityHandler security=SecurityHandler.getCurrentSecurityHandler();
90 if (security instanceof ConstraintAware)
92 Set<String> declaredRoles = ((ConstraintAware)security).getRoles();
93 return (declaredRoles != null) && declaredRoles.contains(roleName);