This content has been marked as final.
Show 3 replies
-
1. Re: Security flaw in Seam docs, section 12.3.2
shane.bryzak Apr 4, 2007 9:58 AM (in response to waynebagguley)You're right, the roles weren't being removed from the subject. I've fixed this in CVS.
-
2. Re: Security flaw in Seam docs, section 12.3.2
waynebagguley Apr 4, 2007 10:21 AM (in response to waynebagguley)How do I remove all the roles in one go?
-
3. Re: Security flaw in Seam docs, section 12.3.2
shane.bryzak Apr 4, 2007 10:27 AM (in response to waynebagguley)You have direct access to the subject via Identity.getSubject(), if you want to remove all the roles simply iterate through the principals in the subject until you find the "Roles" group. Here's an example:
for ( Group sg : Identity.instance().getSubject().getPrincipals(Group.class) ) { if ( Identity.ROLES_GROUP.equals( sg.getName() ) ) { Identity.instance().getSubject().getPrincipals().remove(sg); break; } }