@Override
public boolean isUserInRole(Scope scope, String role) {
String roleToTest = null;
if (scope != null && scope.getRoleRefMap() != null)
roleToTest = scope.getRoleRefMap().get(role);
if (roleToTest == null) roleToTest = role;
// Servlet Spec 3.1 pg 125 if testing special role **
if ("**".equals(roleToTest.trim())) {
// if ** is NOT a declared role name, the we return true
// as the user is authenticated. If ** HAS been declared as a
// role name, then we have to check if the user has that role
if (!declaredRolesContains("**")) return true;
else return _userIdentity.isUserInRole(role, scope);
}
return _userIdentity.isUserInRole(role, scope);
}
