]> git.argeo.org Git - lgpl/argeo-commons.git/blob - CurrentUser.java
projects / lgpl / argeo-commons.git / blob


68848f7df7bc7b658efbd1b14fcb17f215f5a4ba
[lgpl/argeo-commons.git] / CurrentUser.java
1 /*
2 * Copyright (C) 2007-2012 Argeo GmbH
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16 package org.argeo.cms.auth;
17
18 import java.security.AccessController;
19 import java.security.Principal;
20 import java.security.acl.Group;
21 import java.util.HashSet;
22 import java.util.Set;
23
24 import javax.security.auth.Subject;
25 import javax.security.auth.x500.X500Principal;
26
27 import org.argeo.cms.CmsException;
28 import org.argeo.eclipse.ui.specific.UiContext;
29 import org.argeo.node.NodeConstants;
30 import org.argeo.node.security.NodeAuthenticated;
31 import org.osgi.service.useradmin.Authorization;
32
33 /** Static utilities */
34 public final class CurrentUser {
35 /**
36 * @return the authenticated username or null if not authenticated /
37 * anonymous
38 */
39 public static String getUsername() {
40 return getUsername(currentSubject());
41 }
42
43 public static String getDisplayName() {
44 return getDisplayName(currentSubject());
45 }
46
47 public static boolean isAnonymous() {
48 return isAnonymous(currentSubject());
49 }
50
51 public static boolean isAnonymous(Subject subject) {
52 if (subject == null)
53 return true;
54 String username = getUsername(subject);
55 return username == null || username.equalsIgnoreCase(NodeConstants.ROLE_ANONYMOUS);
56 }
57
58 private static Subject currentSubject() {
59 NodeAuthenticated cmsView = getNodeAuthenticated();
60 if (cmsView != null)
61 return cmsView.getLoginContext().getSubject();
62 Subject subject = Subject.getSubject(AccessController.getContext());
63 if (subject != null)
64 return subject;
65 throw new CmsException("Cannot find related subject");
66 }
67
68 /**
69 * The node authenticated component (typically a CMS view) related to this
70 * display, or null if none is available from this call.
71 */
72 public static NodeAuthenticated getNodeAuthenticated() {
73 return UiContext.getData(NodeAuthenticated.KEY);
74 }
75
76 public final static String getUsername(Subject subject) {
77 if (subject == null)
78 throw new CmsException("Subject cannot be null");
79 if (subject.getPrincipals(X500Principal.class).size() != 1)
80 return NodeConstants.ROLE_ANONYMOUS;
81 Principal principal = subject.getPrincipals(X500Principal.class).iterator().next();
82 return principal.getName();
83 }
84
85 public final static String getDisplayName(Subject subject) {
86 return getAuthorization(subject).toString();
87 }
88
89 private static Authorization getAuthorization(Subject subject) {
90 return subject.getPrivateCredentials(Authorization.class).iterator().next();
91 }
92
93 public final static Set<String> roles() {
94 return roles(currentSubject());
95 }
96
97 public final static Set<String> roles(Subject subject) {
98 Set<String> roles = new HashSet<String>();
99 roles.add(getUsername(subject));
100 for (Principal group : subject.getPrincipals(Group.class)) {
101 roles.add(group.getName());
102 }
103 return roles;
104 }
105
106 private CurrentUser() {
107 }
108 }
Argeo Commons - Lightweight integration framework in pure Java/OSGi