<auth:isUserInRole> Tag

The <auth:isUserInRole> tag allows you to test the current user’s role so you can selectively display content wrapped by the tag. This allows an application to restrict display of application content by requiring authorization of the user accessing the JSP. If used within an entitled portlet, this effectively allows multiple levels of (finer grained) authorization. This tag uses the WLS security SPI within its implementation.

The set of roles evaluated by the <auth:isUserInRole> tag consists of the Visitor Roles defined using the WebLogic Administration Portal and the global roles defined using the WebLogic Administration Console. Any Role Mapping Provider that has roles mapped to the portal resource hierarchy is also evaluated.

A single call to <auth:isUserInRole> will cause all Visitor Roles for the current web application to be evaluated, so care should be taken as to how large the role set is. The map of computed roles is evaluated at most once per request, but is not cached across requests.

Syntax

<auth:isUserInRole roleName="roleNameToTest" roleMap="roleMapVarName" id="resultVarName" />

Attributes

roleName
Required (String) - The name of the role required of the current user.

roleMap
Required (String) - The name of the page variable to assign the return java.util.Map value to. The caller may use the roleMap to determine what other evaluated roles the current user is in, if needed.

id
Required (String) - The name of the page variable to assign the return java.lang.Boolean to. If the caller is in the role named by roleName, true is returned.

Example

In this example, a visitor role named “VisitorRole” has been previously defined in the WebLogic Administration Portal and is being tested for within a JSP page.

<%@ taglib uri="auth.tld" prefix="auth" %>
       .
       .
       .
<%-- Name of the role to test for --%>
<% String aRoleName = "VisitorRole"; %>
<auth:isUserInRole roleName="<%=aRoleName%>" roleMap="myRoleMap" id="access"/>
User is in role <%=aRoleName%>: <%=access.booleanValue()%>
Full set of user roles: <%=myRoleMap.toString()%>
<%-- Content wrapped by the tag is displayed only to users in VisitorRole2 --%>
<auth:isUserInRole roleName="VisitorRole2" roleMap="myRoleMap" id="access">
<p>Authorized application content for VisitorRole2</p>
</auth:isUserInRole>