Introduce Argeo 2 security model-
[lgpl/argeo-commons.git] / org.argeo.security.ui / src / org / argeo / security / ui / internal / CurrentUser.java
index b7287f66c97efe7e19ca3765c6a7e4540dbae558..f5a242d3a4a514420b3b560d60ba848921c0364a 100644 (file)
  */
 package org.argeo.security.ui.internal;
 
+import java.security.AccessController;
+import java.security.Principal;
+import java.security.acl.Group;
 import java.util.Collections;
 import java.util.HashSet;
 import java.util.Set;
 
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.context.SecurityContextHolder;
+import javax.security.auth.Subject;
+import javax.security.auth.x500.X500Principal;
+
+import org.argeo.ArgeoException;
 
 /**
  * Retrieves information about the current user. Not an API, can change without
  * notice.
  */
 public class CurrentUser {
-       // public final static String getUsername() {
-       // Subject subject = getSubject();
-       // if (subject == null)
-       // return null;
-       // Principal principal = subject.getPrincipals().iterator().next();
-       // return principal.getName();
-       //
-       // }
-
        public final static String getUsername() {
-               return getAuthentication().getName();
+               Subject subject = getSubject();
+               if (subject == null)
+                       return null;
+               Principal principal = subject.getPrincipals(X500Principal.class)
+                               .iterator().next();
+               return principal.getName();
+
        }
 
        public final static Set<String> roles() {
                Set<String> roles = Collections.synchronizedSet(new HashSet<String>());
-               Authentication authentication = getAuthentication();
-               for (GrantedAuthority ga : authentication.getAuthorities()) {
-                       roles.add(ga.getAuthority());
+               // roles.add("ROLE_USER");
+               Subject subject = getSubject();
+               X500Principal userPrincipal = subject
+                               .getPrincipals(X500Principal.class).iterator().next();
+               roles.add(userPrincipal.getName());
+               for (Principal group : subject.getPrincipals(Group.class)) {
+                       roles.add(group.getName());
                }
-               return Collections.unmodifiableSet(roles);
+               return roles;
        }
 
-       public final static Authentication getAuthentication() {
-               return SecurityContextHolder.getContext().getAuthentication();
-       }
+       // public final static String getUsername() {
+       // return getAuthentication().getName();
+       // }
+
+       // public final static Set<String> roles() {
+       // Set<String> roles = Collections.synchronizedSet(new HashSet<String>());
+       // Authentication authentication = getAuthentication();
+       // for (GrantedAuthority ga : authentication.getAuthorities()) {
+       // roles.add(ga.getAuthority());
+       // }
+       // return Collections.unmodifiableSet(roles);
+       // }
+       //
+       // public final static Authentication getAuthentication() {
+       // return SecurityContextHolder.getContext().getAuthentication();
+       // }
 
        // public final static Authentication getAuthentication() {
        // Set<Authentication> authens = getSubject().getPrincipals(
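Review bot: In `getUsername()` and `roles()` the new code calls `subject.getPrincipals(X500Principal.class).iterator().next()` without checking the set, so a Subject with no X500Principal throws `NoSuchElementException`, and one with several yields an arbitrary pick, instead of a clear authentication failure. Read the set once and reject anything but exactly one entry, e.g. `if (users.size() != 1) throw new ArgeoException("Expected exactly one X500Principal");`. The `if (subject == null) return null;` branch in `getUsername()` looks unreachable, because `getSubject()` (enabled in the second hunk) throws rather than returning null. `roles()` also now returns the mutable synchronized set and adds the user's DN to the same string namespace as the group names. Restoring `return Collections.unmodifiableSet(roles);` would keep callers from editing a set that may feed authorization checks, and it is worth confirming that no group name can equal a user DN.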
@@ -65,10 +83,10 @@ public class CurrentUser {
        // throw new ArgeoException("No authentication found");
        // }
 
-       // public final static Subject getSubject() {
-       // Subject subject = Subject.getSubject(AccessController.getContext());
-       // if (subject == null)
-       // throw new ArgeoException("Not authenticated.");
-       // return subject;
-       // }
+       public final static Subject getSubject() {
+               Subject subject = Subject.getSubject(AccessController.getContext());
+               if (subject == null)
+                       throw new ArgeoException("Not authenticated.");
+               return subject;
+       }
 }
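Review bot: `getSubject()` becomes the single source of identity for this class, but it has no Javadoc stating its contract. It resolves the Subject from `AccessController.getContext()`, so it only finds one when the calling thread runs inside `Subject.doAs(...)`, and it throws instead of returning null. I would add above the method: `/** Returns the JAAS subject bound to the calling thread's access control context; never null. Throws ArgeoException("Not authenticated.") when no subject is bound. */`. If any UI or background thread in this bundle is started outside the login context (not visible from this hunk), it would get that exception even for a logged-in user, which the comment should also mention.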