4.5 - Drop Active Role
4 - Fortress Code Samples
4.7 - Add Role

4.6 - Authorized Roles

Set<String> authorizedRoles(Session session) throws SecurityException

This function returns the authorized roles associated with a session based on hierarchical relationships.

The function is valid if and only if the session is a valid Fortress session.

Parameters:

  • session - object contains the user’s returned RBAC session from the createSession method.

Returns:

  • Set containing all roles active in user’s session. This will contain inherited roles.

Throws:

  • SecurityException - is thrown if session invalid or system. error.

authorizedRoles

import org.apache.directory.fortress.core.AccessMgr;
import org.apache.directory.fortress.core.AccessMgrFactory;
import org.apache.directory.fortress.core.SecurityException;
import org.apache.directory.fortress.core.model.Session;

@test
public static void testAuthorizedRoles( Session session )
{
    String szLocation = ".testAuthorizedRoles";
    try
    {
        // Instantiate the AccessMgr implementation.
        AccessMgr accessMgr = AccessMgrFactory.createInstance();
        
        // Using Session object returned from createSession
        Set<String> roles = accessMgr.authorizedRoles( session );
        assertNotNull( roles );
        for ( String roleName : roles  )
        {
            LOG.info( szLocation + "user [" + session.getUserId() + "] role [" + roleName + "]" );
        }
    }
    catch ( SecurityException ex )
    {
        LOG.error( szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex );
        fail( ex.getMessage() );
    }
}
4.5 - Drop Active Role
4 - Fortress Code Samples
4.7 - Add Role