2 * Copyright (C) 2007-2012 Argeo GmbH
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
16 package org
.argeo
.security
;
18 import java
.util
.ArrayList
;
19 import java
.util
.Collections
;
20 import java
.util
.List
;
22 import org
.springframework
.security
.Authentication
;
23 import org
.springframework
.security
.GrantedAuthority
;
24 import org
.springframework
.security
.context
.SecurityContext
;
25 import org
.springframework
.security
.context
.SecurityContextHolder
;
26 import org
.springframework
.security
.providers
.anonymous
.AnonymousAuthenticationToken
;
28 /** Static utilities */
29 public class SecurityUtils
{
31 private SecurityUtils() {
34 /** Whether the current thread has the admin role */
35 public static boolean hasCurrentThreadAuthority(String authority
) {
36 SecurityContext securityContext
= SecurityContextHolder
.getContext();
37 if (securityContext
!= null) {
38 Authentication authentication
= securityContext
.getAuthentication();
39 if (authentication
!= null) {
40 for (GrantedAuthority ga
: authentication
.getAuthorities())
41 if (ga
.getAuthority().equals(authority
))
49 * @return the authenticated username or null if not authenticated /
52 public static String
getCurrentThreadUsername() {
53 SecurityContext securityContext
= SecurityContextHolder
.getContext();
54 if (securityContext
!= null) {
55 Authentication authentication
= securityContext
.getAuthentication();
56 if (authentication
!= null) {
57 if (authentication
instanceof AnonymousAuthenticationToken
) {
60 return authentication
.getName();
67 * Returns the display name of the user details (by calling toString() on
70 public static String
getUserDetailsDisplayName() {
71 SecurityContext securityContext
= SecurityContextHolder
.getContext();
72 if (securityContext
!= null) {
73 Authentication authentication
= securityContext
.getAuthentication();
74 if (authentication
!= null) {
75 if (authentication
instanceof AnonymousAuthenticationToken
) {
78 Object details
= authentication
.getDetails();
80 return details
.toString();
81 return authentication
.getName();
88 * Converts an array of Spring Security {@link GrantedAuthority} to a
89 * read-only list of strings, for portability and integration
91 public static List
<String
> authoritiesToStringList(
92 GrantedAuthority
[] authorities
) {
93 List
<String
> lst
= new ArrayList
<String
>();
94 for (GrantedAuthority ga
: authorities
)
95 lst
.add(ga
.getAuthority());
96 return Collections
.unmodifiableList(lst
);