Update license headers

[lgpl/argeo-commons.git] / security / runtime / org.argeo.security.core / src / main / java / org / argeo / security / OsAuthenticationToken.java

diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/OsAuthenticationToken.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/OsAuthenticationToken.java
index 9fba6f054aa482fc52dcfee7435a5f50f862d4f6..b3727b26f0a7ee2a51ce2c87d0c820821d6a7656 100644 (file)
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/OsAuthenticationToken.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/OsAuthenticationToken.java
@@ -1,10 +1,24 @@
+/*
+ * Copyright (C) 2007-2012 Argeo GmbH
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *         http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package org.argeo.security;
 
 import java.security.AccessController;
 import java.security.Principal;
 import java.util.ArrayList;
 import java.util.Arrays;
-import java.util.Collections;
 import java.util.List;
 import java.util.Set;
 
@@ -72,10 +86,18 @@ public class OsAuthenticationToken implements Authentication {
                this(null);
        }
 
+       /** @return the name, or null if not yet logged */
        public String getName() {
+               Subject subject = Subject.getSubject(AccessController.getContext());
+               if (subject == null)
+                       return null;
                return getUser().getName();
        }
 
+       /**
+        * Should not be called during authentication since group IDs are not yet
+        * available {@link Subject} has been set
+        */
        public GrantedAuthority[] getAuthorities() {
                // grantedAuthorities should not be null at this stage
                List<GrantedAuthority> gas = new ArrayList<GrantedAuthority>(
@@ -121,7 +143,7 @@ public class OsAuthenticationToken implements Authentication {
        }
 
        public Principal getUser() {
-               Subject subject = Subject.getSubject(AccessController.getContext());
+               Subject subject = getSubject();
                Set<? extends Principal> userPrincipals = subject
                                .getPrincipals(osUserPrincipalClass);
                if (userPrincipals == null || userPrincipals.size() == 0)
@@ -133,7 +155,7 @@ public class OsAuthenticationToken implements Authentication {
        }
 
        public Principal getUserId() {
-               Subject subject = Subject.getSubject(AccessController.getContext());
+               Subject subject = getSubject();
                Set<? extends Principal> userIdsPrincipals = subject
                                .getPrincipals(osUserIdPrincipalClass);
                if (userIdsPrincipals == null || userIdsPrincipals.size() == 0)
@@ -145,11 +167,19 @@ public class OsAuthenticationToken implements Authentication {
        }
 
        public Set<? extends Principal> getGroupsIds() {
-               Subject subject = Subject.getSubject(AccessController.getContext());
+               Subject subject = getSubject();
                return (Set<? extends Principal>) subject
                                .getPrincipals(osGroupIdPrincipalClass);
        }
 
+       /** @return the subject always non null */
+       protected Subject getSubject() {
+               Subject subject = Subject.getSubject(AccessController.getContext());
+               if (subject == null)
+                       throw new ArgeoException("No subject in JAAS context");
+               return subject;
+       }
+
        public Object getCredentials() {
                return "";
        }