星期五, 六月 26, 2009

JBOSS通过JAAS框架验证用户后,如何得到用户所有的角色?

代码:

private void findRole() throws PolicyContextException {

// Get the Authenticated Subject
Subject subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");

// Now look for a Group called Roles
Set principals = subject.getPrincipals(Principal.class);
Iterator iter = principals.iterator();
while(iter.hasNext()) {
Principal p = (Principal)iter.next();
if(p instanceof SimpleGroup) {
SimpleGroup sg = (SimpleGroup)p;
if("Roles".equals(sg.getName())) {
Enumeration en = sg.members();
while(en.hasMoreElements()) {
String role = en.nextElement().toString();
if(role != null) {
setRole(role);
}
}
}
}
}
}