2 * Copyright (C) 2007-2012 Argeo GmbH
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
16 package org
.argeo
.cms
.auth
;
18 import java
.security
.AccessController
;
19 import java
.security
.Principal
;
20 import java
.security
.acl
.Group
;
21 import java
.util
.HashSet
;
24 import javax
.security
.auth
.Subject
;
25 import javax
.security
.auth
.x500
.X500Principal
;
27 import org
.argeo
.cms
.CmsException
;
28 import org
.argeo
.eclipse
.ui
.specific
.UiContext
;
29 import org
.argeo
.node
.NodeConstants
;
30 import org
.argeo
.node
.security
.NodeAuthenticated
;
31 import org
.osgi
.service
.useradmin
.Authorization
;
33 /** Static utilities */
34 public final class CurrentUser
{
37 * @return the authenticated username or null if not authenticated /
40 public static String
getUsername() {
41 return getUsername(currentSubject());
44 public static String
getDisplayName() {
45 return getDisplayName(currentSubject());
48 public static boolean isAnonymous() {
49 return isAnonymous(currentSubject());
52 public static boolean isRegistered() {
53 return !isAnonymous();
56 public static boolean isAnonymous(Subject subject
) {
59 String username
= getUsername(subject
);
60 return username
== null
61 || username
.equalsIgnoreCase(NodeConstants
.ROLE_ANONYMOUS
);
65 * The node authenticated component (typically a CMS view) related to this
66 * display, or null if none is available from this call.
68 public static NodeAuthenticated
getNodeAuthenticated() {
69 return UiContext
.getData(NodeAuthenticated
.KEY
);
72 public final static String
getUsername(Subject subject
) {
74 throw new CmsException("Subject cannot be null");
75 if (subject
.getPrincipals(X500Principal
.class).size() != 1)
76 return NodeConstants
.ROLE_ANONYMOUS
;
77 Principal principal
= subject
.getPrincipals(X500Principal
.class)
79 return principal
.getName();
82 public final static String
getDisplayName(Subject subject
) {
83 return getAuthorization(subject
).toString();
86 private static Authorization
getAuthorization(Subject subject
) {
87 return subject
.getPrivateCredentials(Authorization
.class).iterator()
91 public final static Set
<String
> roles() {
92 return roles(currentSubject());
95 private static Subject
currentSubject() {
96 NodeAuthenticated cmsView
= getNodeAuthenticated();
98 return cmsView
.getLoginContext().getSubject();
99 Subject subject
= Subject
.getSubject(AccessController
.getContext());
102 throw new CmsException("Cannot find related subject");
105 /** Returns true if the current user is in the specified role */
106 public static boolean isInRole(String role
) {
107 Set
<String
> roles
= roles();
108 return roles
.contains(role
);
111 public final static Set
<String
> roles(Subject subject
) {
112 Set
<String
> roles
= new HashSet
<String
>();
113 roles
.add(getUsername(subject
));
114 for (Principal group
: subject
.getPrincipals(Group
.class)) {
115 roles
.add(group
.getName());
120 private CurrentUser() {