I need to answer the question.
Is userA a member of groupB either directly or indirectly.
userA is a member of about 100 groups, the group hierarchy is several
levels deep and
group membership can be discovered using
Authorizable#memberOf()
Authorizable#declaredMemberOf()
some of the principals are come from custom
PrincipalProvider implementations.
if i'm not mistaken you can configure multiple principalproviders.
if an authorizable has multiple principals (!= group
membership) then Authorizable#getPrincipals() is the thing
you are looking for.
The principal(s) of an authorizable are retrieved from the
principalmanager that in the default setup has been created
using the configured providers.
angela
