]> git.argeo.org Git - lgpl/argeo-commons.git/blob - org.argeo.security.core/src/org/argeo/security/SecurityUtils.java
projects / lgpl / argeo-commons.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
RCP launch
[lgpl/argeo-commons.git] / org.argeo.security.core / src / org / argeo / security / SecurityUtils.java
1 /*
2 * Copyright (C) 2007-2012 Argeo GmbH
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16 package org.argeo.security;
17
18 import java.util.ArrayList;
19 import java.util.Collection;
20 import java.util.Collections;
21 import java.util.List;
22
23 import org.springframework.security.authentication.AnonymousAuthenticationToken;
24 import org.springframework.security.core.Authentication;
25 import org.springframework.security.core.GrantedAuthority;
26 import org.springframework.security.core.context.SecurityContext;
27 import org.springframework.security.core.context.SecurityContextHolder;
28
29 /** Static utilities */
30 public class SecurityUtils {
31
32 private SecurityUtils() {
33 }
34
35 /** Whether the current thread has the admin role */
36 public static boolean hasCurrentThreadAuthority(String authority) {
37 SecurityContext securityContext = SecurityContextHolder.getContext();
38 if (securityContext != null) {
39 Authentication authentication = securityContext.getAuthentication();
40 if (authentication != null) {
41 for (GrantedAuthority ga : authentication.getAuthorities())
42 if (ga.getAuthority().equals(authority))
43 return true;
44 }
45 }
46 return false;
47 }
48
49 /**
50 * @return the authenticated username or null if not authenticated /
51 * anonymous
52 */
53 public static String getCurrentThreadUsername() {
54 SecurityContext securityContext = SecurityContextHolder.getContext();
55 if (securityContext != null) {
56 Authentication authentication = securityContext.getAuthentication();
57 if (authentication != null) {
58 if (authentication instanceof AnonymousAuthenticationToken) {
59 return null;
60 }
61 return authentication.getName();
62 }
63 }
64 return null;
65 }
66
67 /**
68 * Returns the display name of the user details (by calling toString() on
69 * it)
70 */
71 public static String getUserDetailsDisplayName() {
72 SecurityContext securityContext = SecurityContextHolder.getContext();
73 if (securityContext != null) {
74 Authentication authentication = securityContext.getAuthentication();
75 if (authentication != null) {
76 if (authentication instanceof AnonymousAuthenticationToken) {
77 return null;
78 }
79 Object details = authentication.getDetails();
80 if (details != null)
81 return details.toString();
82 return authentication.getName();
83 }
84 }
85 return null;
86 }
87
88 /**
89 * Converts an array of Spring Security {@link GrantedAuthority} to a
90 * read-only list of strings, for portability and integration
91 */
92 public static List<String> authoritiesToStringList(
93 Collection<? extends GrantedAuthority> authorities) {
94 List<String> lst = new ArrayList<String>();
95 for (GrantedAuthority ga : authorities)
96 lst.add(ga.getAuthority());
97 return Collections.unmodifiableList(lst);
98 }
99 }
Argeo Commons - Lightweight integration framework in pure Java/OSGi