2 * Copyright (C) 2007-2012 Argeo GmbH
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
16 package org
.argeo
.security
;
18 import java
.util
.ArrayList
;
19 import java
.util
.Collection
;
20 import java
.util
.Collections
;
21 import java
.util
.List
;
23 import org
.springframework
.security
.authentication
.AnonymousAuthenticationToken
;
24 import org
.springframework
.security
.core
.Authentication
;
25 import org
.springframework
.security
.core
.GrantedAuthority
;
26 import org
.springframework
.security
.core
.context
.SecurityContext
;
27 import org
.springframework
.security
.core
.context
.SecurityContextHolder
;
29 /** Static utilities */
30 public class SecurityUtils
{
32 private SecurityUtils() {
35 /** Whether the current thread has the admin role */
36 public static boolean hasCurrentThreadAuthority(String authority
) {
37 SecurityContext securityContext
= SecurityContextHolder
.getContext();
38 if (securityContext
!= null) {
39 Authentication authentication
= securityContext
.getAuthentication();
40 if (authentication
!= null) {
41 for (GrantedAuthority ga
: authentication
.getAuthorities())
42 if (ga
.getAuthority().equals(authority
))
50 * @return the authenticated username or null if not authenticated /
53 public static String
getCurrentThreadUsername() {
54 SecurityContext securityContext
= SecurityContextHolder
.getContext();
55 if (securityContext
!= null) {
56 Authentication authentication
= securityContext
.getAuthentication();
57 if (authentication
!= null) {
58 if (authentication
instanceof AnonymousAuthenticationToken
) {
61 return authentication
.getName();
68 * Returns the display name of the user details (by calling toString() on
71 public static String
getUserDetailsDisplayName() {
72 SecurityContext securityContext
= SecurityContextHolder
.getContext();
73 if (securityContext
!= null) {
74 Authentication authentication
= securityContext
.getAuthentication();
75 if (authentication
!= null) {
76 if (authentication
instanceof AnonymousAuthenticationToken
) {
79 Object details
= authentication
.getDetails();
81 return details
.toString();
82 return authentication
.getName();
89 * Converts an array of Spring Security {@link GrantedAuthority} to a
90 * read-only list of strings, for portability and integration
92 public static List
<String
> authoritiesToStringList(
93 Collection
<?
extends GrantedAuthority
> authorities
) {
94 List
<String
> lst
= new ArrayList
<String
>();
95 for (GrantedAuthority ga
: authorities
)
96 lst
.add(ga
.getAuthority());
97 return Collections
.unmodifiableList(lst
);