/** * Return <code>true</code> if the specified Principal has the specified security role, within the * context of this Realm; otherwise return <code>false</code>. This method can be overridden by * Realm implementations, but the default is adequate when an instance of <code>GenericPrincipal * </code> is used to represent authenticated Principals from this Realm. * * @param principal Principal for whom the role is to be checked * @param role Security role to be checked */ @Override public boolean hasRole(Wrapper wrapper, Principal principal, String role) { // Check for a role alias defined in a <security-role-ref> element if (wrapper != null) { String realRole = wrapper.findSecurityReference(role); if (realRole != null) role = realRole; } // Should be overridden in JAASRealm - to avoid pretty inefficient conversions if ((principal == null) || (role == null) || !(principal instanceof GenericPrincipal)) return (false); GenericPrincipal gp = (GenericPrincipal) principal; boolean result = gp.hasRole(role); if (log.isDebugEnabled()) { String name = principal.getName(); if (result) log.debug(sm.getString("realmBase.hasRoleSuccess", name, role)); else log.debug(sm.getString("realmBase.hasRoleFailure", name, role)); } return (result); }