}
catch (PrivilegedActionException e)
{
throw new IllegalStateException(e);
}
Group subjectRoles = getSubjectRoles(subject);
//Deal with the security context
SecurityContext sc = SubjectActions.getSecurityContext();
if(sc == null)
{
sc = new JBossSecurityContext(securityDomain);
SubjectActions.setSecurityContext(sc);
}
Group userRoles = (Group)sc.getData().get(ROLES_IDENTIFIER);
if(userRoles == null || "true".equalsIgnoreCase(SubjectActions.getRefreshSecurityContextRoles()))
emptyContextRoles = true;
userRoles = copyGroups(userRoles, subjectRoles);
/**
* Update the roles in the SecurityContext and
* allow mapping rules be applied only if the SC roles
* and the subject roles are not the same
*/
if(subjectRoles != userRoles || emptyContextRoles)
{
MappingManager mm = sc.getMappingManager();
MappingContext mc = mm.getMappingContext(Group.class);
Group mappedUserRoles = userRoles;
if(mc != null)
{
Map contextMap = new HashMap();
contextMap.put(SecurityConstants.ROLES_IDENTIFIER, userRoles);
contextMap.put(SecurityConstants.PRINCIPAL_IDENTIFIER, principal);