X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.security.ui%2Fsrc%2Forg%2Fargeo%2Fsecurity%2Fui%2Finternal%2FCurrentUser.java;h=f5a242d3a4a514420b3b560d60ba848921c0364a;hb=7eab8a52b56a763e0d0e5153d298ce658e41a22f;hp=b7287f66c97efe7e19ca3765c6a7e4540dbae558;hpb=648a4c267ac50861ce094c8f968c4652706b6cca;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.security.ui/src/org/argeo/security/ui/internal/CurrentUser.java b/org.argeo.security.ui/src/org/argeo/security/ui/internal/CurrentUser.java
index b7287f66c..f5a242d3a 100644
--- a/org.argeo.security.ui/src/org/argeo/security/ui/internal/CurrentUser.java
+++ b/org.argeo.security.ui/src/org/argeo/security/ui/internal/CurrentUser.java
@@ -15,44 +15,62 @@
  */
 package org.argeo.security.ui.internal;
 
+import java.security.AccessController;
+import java.security.Principal;
+import java.security.acl.Group;
 import java.util.Collections;
 import java.util.HashSet;
 import java.util.Set;
 
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.context.SecurityContextHolder;
+import javax.security.auth.Subject;
+import javax.security.auth.x500.X500Principal;
+
+import org.argeo.ArgeoException;
 
 /**
  * Retrieves information about the current user. Not an API, can change without
  * notice.
  */
 public class CurrentUser {
-	// public final static String getUsername() {
-	// Subject subject = getSubject();
-	// if (subject == null)
-	// return null;
-	// Principal principal = subject.getPrincipals().iterator().next();
-	// return principal.getName();
-	//
-	// }
-
 	public final static String getUsername() {
-		return getAuthentication().getName();
+		Subject subject = getSubject();
+		if (subject == null)
+			return null;
+		Principal principal = subject.getPrincipals(X500Principal.class)
+				.iterator().next();
+		return principal.getName();
+
 	}
 
 	public final static Set<String> roles() {
 		Set<String> roles = Collections.synchronizedSet(new HashSet<String>());
-		Authentication authentication = getAuthentication();
-		for (GrantedAuthority ga : authentication.getAuthorities()) {
-			roles.add(ga.getAuthority());
+		// roles.add("ROLE_USER");
+		Subject subject = getSubject();
+		X500Principal userPrincipal = subject
+				.getPrincipals(X500Principal.class).iterator().next();
+		roles.add(userPrincipal.getName());
+		for (Principal group : subject.getPrincipals(Group.class)) {
+			roles.add(group.getName());
 		}
-		return Collections.unmodifiableSet(roles);
+		return roles;
 	}
 
-	public final static Authentication getAuthentication() {
-		return SecurityContextHolder.getContext().getAuthentication();
-	}
+	// public final static String getUsername() {
+	// return getAuthentication().getName();
+	// }
+
+	// public final static Set<String> roles() {
+	// Set<String> roles = Collections.synchronizedSet(new HashSet<String>());
+	// Authentication authentication = getAuthentication();
+	// for (GrantedAuthority ga : authentication.getAuthorities()) {
+	// roles.add(ga.getAuthority());
+	// }
+	// return Collections.unmodifiableSet(roles);
+	// }
+	//
+	// public final static Authentication getAuthentication() {
+	// return SecurityContextHolder.getContext().getAuthentication();
+	// }
 
 	// public final static Authentication getAuthentication() {
 	// Set<Authentication> authens = getSubject().getPrincipals(
@@ -65,10 +83,10 @@ public class CurrentUser {
 	// throw new ArgeoException("No authentication found");
 	// }
 
-	// public final static Subject getSubject() {
-	// Subject subject = Subject.getSubject(AccessController.getContext());
-	// if (subject == null)
-	// throw new ArgeoException("Not authenticated.");
-	// return subject;
-	// }
+	public final static Subject getSubject() {
+		Subject subject = Subject.getSubject(AccessController.getContext());
+		if (subject == null)
+			throw new ArgeoException("Not authenticated.");
+		return subject;
+	}
 }