X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;ds=sidebyside;f=security%2Fruntime%2Forg.argeo.security.core%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2FOsAuthenticationToken.java;h=61ec539c610f08290ae093b423f8eb000ad735c6;hb=484dcb1507e4e35cc282e50522ea7eac7e99a7f9;hp=9fba6f054aa482fc52dcfee7435a5f50f862d4f6;hpb=149023e5969377045847bbecf24b0898b18a67a9;p=lgpl%2Fargeo-commons.git

diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/OsAuthenticationToken.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/OsAuthenticationToken.java
index 9fba6f054..61ec539c6 100644
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/OsAuthenticationToken.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/OsAuthenticationToken.java
@@ -4,7 +4,6 @@ import java.security.AccessController;
 import java.security.Principal;
 import java.util.ArrayList;
 import java.util.Arrays;
-import java.util.Collections;
 import java.util.List;
 import java.util.Set;
 
@@ -76,6 +75,10 @@ public class OsAuthenticationToken implements Authentication {
 		return getUser().getName();
 	}
 
+	/**
+	 * Should not be called during authentication since group IDs are not yet
+	 * available {@link Subject} has been set
+	 */
 	public GrantedAuthority[] getAuthorities() {
 		// grantedAuthorities should not be null at this stage
 		List<GrantedAuthority> gas = new ArrayList<GrantedAuthority>(
@@ -121,7 +124,7 @@ public class OsAuthenticationToken implements Authentication {
 	}
 
 	public Principal getUser() {
-		Subject subject = Subject.getSubject(AccessController.getContext());
+		Subject subject = getSubject();
 		Set<? extends Principal> userPrincipals = subject
 				.getPrincipals(osUserPrincipalClass);
 		if (userPrincipals == null || userPrincipals.size() == 0)
@@ -133,7 +136,7 @@ public class OsAuthenticationToken implements Authentication {
 	}
 
 	public Principal getUserId() {
-		Subject subject = Subject.getSubject(AccessController.getContext());
+		Subject subject = getSubject();
 		Set<? extends Principal> userIdsPrincipals = subject
 				.getPrincipals(osUserIdPrincipalClass);
 		if (userIdsPrincipals == null || userIdsPrincipals.size() == 0)
@@ -145,11 +148,19 @@ public class OsAuthenticationToken implements Authentication {
 	}
 
 	public Set<? extends Principal> getGroupsIds() {
-		Subject subject = Subject.getSubject(AccessController.getContext());
+		Subject subject = getSubject();
 		return (Set<? extends Principal>) subject
 				.getPrincipals(osGroupIdPrincipalClass);
 	}
 
+	/** @return the subject always non null */
+	protected Subject getSubject() {
+		Subject subject = Subject.getSubject(AccessController.getContext());
+		if (subject == null)
+			throw new ArgeoException("No subject in JAAS context");
+		return subject;
+	}
+
 	public Object getCredentials() {
 		return "";
 	}