import org.springframework.security.Authentication;
import org.springframework.security.GrantedAuthority;
+/**
+ * Retrieves information about the current user. Not an API, can change without
+ * notice.
+ */
public class CurrentUser {
public final static String getUsername() {
Subject subject = getSubject();
}
public final static Set<String> roles() {
- Principal principal = getSubject().getPrincipals(Authentication.class)
- .iterator().next();
- Authentication authentication = (Authentication) principal;
Set<String> roles = Collections.synchronizedSet(new HashSet<String>());
- for (GrantedAuthority ga : authentication.getAuthorities()) {
- roles.add(ga.getAuthority());
+
+ Set<Authentication> authens = getSubject().getPrincipals(
+ Authentication.class);
+ if (authens != null && !authens.isEmpty()) {
+ Principal principal = authens.iterator().next();
+ Authentication authentication = (Authentication) principal;
+ for (GrantedAuthority ga : authentication.getAuthorities()) {
+ roles.add(ga.getAuthority());
+ }
}
return Collections.unmodifiableSet(roles);
}
public final static Subject getSubject() {
-
Subject subject = Subject.getSubject(AccessController.getContext());
if (subject == null)
throw new ArgeoException("Not authenticated.");
return subject;
-
}
}