GeoFence Embedded Server does not check for plain Rule Services
Description
GeoFence Server InternalUserResolver currently checks only User Group Services
for (String serviceName : securityManager.listUserGroupServices()) {
...
this completely ignoring roles associate to users from a plain Role Service.
The proposal is to add a check for Role Services too
for (String roleServiceName : securityManager.listRoleServices()) {
if (securityManager.loadRoleService(roleServiceName).getRolesForUser(username) != null &&
!securityManager.loadRoleService(roleServiceName).getRolesForUser(username).isEmpty()) {
return true;
}
}
Environment
None
