Details
-
Feature Request
-
Resolution: Obsolete
-
Major
-
None
-
None
Description
The OptionsRoleMappingProvider available in picketbox jars is intended to provided a simple way to map some toles to other roles.
This case is usefull in many cases where you get roles from a system and want to map them to one or several JaaS Roles.
However, OptionsRoleMappingProvider cannot be used in AS7 to map roles to groups because this provider contains an attribute Properties roleMaps which requires a Properties object to be initialized.
A Properties object cannot be passed by AS7 configuration, so this provider cannot be used as is.
Here is its required syntax according to picketbox documentation:
<mapping-module code="org.jboss.security.mapping.providers.OptionsRoleMappingProvider" type="role"> <module-option name="rolesMap" > <java:properties xmlns:java="urn:jboss:java-properties" xmlns:xs="http://www.w3.org/2001/XMLSchema-instance" xs:schemaLocation="urn:jboss:java-properties resource:java-properties_1_0.xsd"> <java:property> <java:key>validuser</java:key> <java:value>AuthorizedUser,InternalUser</java:value> </java:property> </java:properties> </module-option> <module-option name="replaceRoles">false</module-option> </mapping-module> </mapping>
Such a syntax is not possible in AS7.
Here is the incriminated code:
private Properties roleMapProperties = new Properties(); /** * Specifies */ private boolean REPLACE_ROLES = false; public void init(Map<String,Object> opt) { this.options = opt; if(options != null) { if(options.containsKey(REPLACE_ROLES_STRING)) { REPLACE_ROLES = "true".equalsIgnoreCase((String)options.get(REPLACE_ROLES_STRING)); } if(options.containsKey(ROLES_MAP)) { roleMapProperties = (Properties)options.get(ROLES_MAP); } } }
As you can see, roleMapProperties is a Properties.
But in AS7, options.get(ROLES_MAP) returns a String.
So an adapter is required to make the AS match the contract, or another implemtation is required.
