throws Exception {
// Check for existing administrative accounts with the same login
ServiceReference userDirectoryRef = bundleCtx.getServiceReference(DirectoryService.class.getName());
if (userDirectoryRef != null) {
DirectoryService systemDirectory = (DirectoryService) bundleCtx.getService(userDirectoryRef);
logger.debug("Checking new site '{}' user '{}' for shadowing of site or system account");
User shadowedUser = systemDirectory.loadUser(user, site);
if (shadowedUser != null) {
if (SecurityUtils.userHasRole(shadowedUser, SYSTEMADMIN))
throw new UserShadowedException("Site '" + site.getIdentifier() + "' account '" + user + "' is shadowing the system account");
else if (SecurityUtils.userHasRole(shadowedUser, SITEADMIN))
throw new UserShadowedException("Site '" + site.getIdentifier() + "' account '" + user + "' is shadowing the site account");