@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
Set<String> roles = new HashSet<String>();
Set<Permission> permissions = new HashSet<Permission>();
Collection<User> principalsList = principals.byType(User.class);
for (User userPrincipal : principalsList) {
try {
User user = userDAO.getById(userPrincipal.getId());
Set<Role> userRoles = user.getRoles();
for (Role role : userRoles) {
roles.add(role.getRole());
}
} catch (Exception e) {
e.printStackTrace();
}
}
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roles);
info.setRoles(roles);
info.setObjectPermissions(permissions);
return info;
}
