X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fplugins%2Forg.argeo.security.ui%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fui%2Finternal%2FCurrentUser.java;h=b26df1018965d797b9beca95a5e28124a2280f56;hb=78469faf92044c7ad7b3a829ae2b5e4f943748b7;hp=1abdc15646dc6453045762147f3ad503458f36fe;hpb=61e9e5e89933b419916b767a2977297b32ba7d36;p=lgpl%2Fargeo-commons.git

diff --git a/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/internal/CurrentUser.java b/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/internal/CurrentUser.java
index 1abdc1564..b26df1018 100644
--- a/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/internal/CurrentUser.java
+++ b/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/internal/CurrentUser.java
@@ -12,6 +12,10 @@ import org.argeo.ArgeoException;
 import org.springframework.security.Authentication;
 import org.springframework.security.GrantedAuthority;
 
+/**
+ * Retrieves information about the current user. Not an API, can change without
+ * notice.
+ */
 public class CurrentUser {
 	public final static String getUsername() {
 		Subject subject = getSubject();
@@ -23,21 +27,24 @@ public class CurrentUser {
 	}
 
 	public final static Set<String> roles() {
-		Principal principal = getSubject().getPrincipals().iterator().next();
-		Authentication authentication = (Authentication) principal;
 		Set<String> roles = Collections.synchronizedSet(new HashSet<String>());
-		for (GrantedAuthority ga : authentication.getAuthorities()) {
-			roles.add(ga.getAuthority());
+
+		Set<Authentication> authens = getSubject().getPrincipals(
+				Authentication.class);
+		if (authens != null && !authens.isEmpty()) {
+			Principal principal = authens.iterator().next();
+			Authentication authentication = (Authentication) principal;
+			for (GrantedAuthority ga : authentication.getAuthorities()) {
+				roles.add(ga.getAuthority());
+			}
 		}
 		return Collections.unmodifiableSet(roles);
 	}
 
 	public final static Subject getSubject() {
-
 		Subject subject = Subject.getSubject(AccessController.getContext());
 		if (subject == null)
 			throw new ArgeoException("Not authenticated.");
 		return subject;
-
 	}
 }