@Override
  public void setUsersRoles(String userId, String source, Set<RoleIdentifier> roleIdentifiers)
      throws UserNotFoundException {
    // TODO: this is a bit sticky, what we really want to do is just expose the
    // RoleMappingUserManagers this way (i
    // think), maybe this is too generic

    boolean foundUser = false;

    for (UserManager userManager : getUserManagers()) {
      if (RoleMappingUserManager.class.isInstance(userManager)) {
        RoleMappingUserManager roleMappingUserManager = (RoleMappingUserManager) userManager;
        try {
          foundUser = true;
          roleMappingUserManager.setUsersRoles(
              userId,
              source,
              RoleIdentifier.getRoleIdentifiersForSource(userManager.getSource(), roleIdentifiers));
        } catch (UserNotFoundException e) {
          log.debug(
              "User '{}' is not managed by the user-manager: {}", userId, userManager.getSource());
        }
      }
    }

    if (!foundUser) {
      throw new UserNotFoundException(userId);
    }
    // clear the authz realm caches
    eventBus.post(new AuthorizationConfigurationChanged());
  }
  @Override
  public User updateUser(User user) throws UserNotFoundException, NoSuchUserManagerException {
    // first update the user
    // this is the UserManager that owns the user
    UserManager userManager = getUserManager(user.getSource());

    if (!userManager.supportsWrite()) {
      throw new ConfigurationException(
          "UserManager: " + userManager.getSource() + " does not support writing.");
    }

    final User oldUser = userManager.getUser(user.getUserId());
    userManager.updateUser(user);
    if (oldUser.getStatus() == UserStatus.active && user.getStatus() != oldUser.getStatus()) {
      // clear the realm authc caches as user got disabled
      eventBus.post(new UserPrincipalsExpired(user.getUserId(), user.getSource()));
    }

    // then save the users Roles
    for (UserManager tmpUserManager : getUserManagers()) {
      // skip the user manager that owns the user, we already did that
      // these user managers will only save roles
      if (!tmpUserManager.getSource().equals(user.getSource())
          && RoleMappingUserManager.class.isInstance(tmpUserManager)) {
        try {
          RoleMappingUserManager roleMappingUserManager = (RoleMappingUserManager) tmpUserManager;
          roleMappingUserManager.setUsersRoles(
              user.getUserId(),
              user.getSource(),
              RoleIdentifier.getRoleIdentifiersForSource(user.getSource(), user.getRoles()));
        } catch (UserNotFoundException e) {
          log.debug(
              "User '{}' is not managed by the user-manager: {}",
              user.getUserId(),
              tmpUserManager.getSource());
        }
      }
    }

    // clear the realm authz caches as user might get roles changed
    eventBus.post(new AuthorizationConfigurationChanged());

    return user;
  }
  @Override
  public User addUser(User user, String password) throws NoSuchUserManagerException {
    // first save the user
    // this is the UserManager that owns the user
    UserManager userManager = getUserManager(user.getSource());

    if (!userManager.supportsWrite()) {
      throw new ConfigurationException(
          "UserManager: " + userManager.getSource() + " does not support writing.");
    }

    userManager.addUser(user, password);

    // then save the users Roles
    for (UserManager tmpUserManager : getUserManagers()) {
      // skip the user manager that owns the user, we already did that
      // these user managers will only save roles
      if (!tmpUserManager.getSource().equals(user.getSource())
          && RoleMappingUserManager.class.isInstance(tmpUserManager)) {
        try {
          RoleMappingUserManager roleMappingUserManager = (RoleMappingUserManager) tmpUserManager;
          roleMappingUserManager.setUsersRoles(
              user.getUserId(),
              user.getSource(),
              RoleIdentifier.getRoleIdentifiersForSource(user.getSource(), user.getRoles()));
        } catch (UserNotFoundException e) {
          log.debug(
              "User '{}' is not managed by the user-manager: {}",
              user.getUserId(),
              tmpUserManager.getSource());
        }
      }
    }

    return user;
  }