Improve login mechanism, based on JAAS

[lgpl/argeo-commons.git] / org.argeo.security.core / src / org / argeo / security / SecurityUtils.java

diff --git a/org.argeo.security.core/src/org/argeo/security/SecurityUtils.java b/org.argeo.security.core/src/org/argeo/security/SecurityUtils.java
index 44ddeac865a00b8c436d1ef795b2855986358c65..8c6715446a96ec78cff35bd0176f3584ffadab69 100644 (file)
--- a/org.argeo.security.core/src/org/argeo/security/SecurityUtils.java
+++ b/org.argeo.security.core/src/org/argeo/security/SecurityUtils.java
@@ -19,6 +19,7 @@ import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
+import java.util.UUID;
 
 import org.springframework.security.authentication.AnonymousAuthenticationToken;
 import org.springframework.security.core.Authentication;
@@ -27,11 +28,20 @@ import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.context.SecurityContextHolder;
 
 /** Static utilities */
-public class SecurityUtils {
+public final class SecurityUtils {
+       private final static String systemKey = UUID.randomUUID().toString();
 
        private SecurityUtils() {
        }
 
+       /**
+        * @return a String which is guaranteed to be unique between and constant
+        *         within a Java static context (typically a VM launch)
+        */
+       public final static String getStaticKey() {
+               return systemKey;
+       }
+
        /** Whether the current thread has the admin role */
        public static boolean hasCurrentThreadAuthority(String authority) {
                SecurityContext securityContext = SecurityContextHolder.getContext();