* allow mapping rules be applied only if the SC roles
* and the subject roles are not the same
*/
if(subjectRoles != userRoles || emptyContextRoles)
{
MappingContext mc = sc.getMappingManager().getMappingContext(Group.class);
if(mc != null)
{
Map contextMap = new HashMap();
contextMap.put(SecurityConstants.ROLES_IDENTIFIER, userRoles);
contextMap.put(SecurityConstants.PRINCIPAL_IDENTIFIER, principal);
//Append any deployment role->principals configuration done by the user
contextMap.put(SecurityConstants.DEPLOYMENT_PRINCIPAL_ROLES_MAP,
SecurityRolesAssociation.getSecurityRoles());
//Append the principals also
contextMap.put(SecurityConstants.PRINCIPALS_SET_IDENTIFIER, subject.getPrincipals());
if(trace)
log.trace("Roles before mapping:"+ userRoles);
mc.performMapping(contextMap, userRoles);
if(trace)
log.trace("Roles after mapping:"+ userRoles);
}
sc.getData().put(ROLES_IDENTIFIER, userRoles);
}