X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fplugins%2Forg.argeo.security.ui%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fui%2Finternal%2FCurrentUser.java;h=b26df1018965d797b9beca95a5e28124a2280f56;hb=78469faf92044c7ad7b3a829ae2b5e4f943748b7;hp=638eb03a59e14c3b209f8f4a7ce257f6f7c5c761;hpb=2f510fb09e18bc3d3e902c8131d0037763c5f279;p=lgpl%2Fargeo-commons.git

diff --git a/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/internal/CurrentUser.java b/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/internal/CurrentUser.java
index 638eb03a5..b26df1018 100644
--- a/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/internal/CurrentUser.java
+++ b/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/internal/CurrentUser.java
@@ -12,6 +12,10 @@ import org.argeo.ArgeoException;
 import org.springframework.security.Authentication;
 import org.springframework.security.GrantedAuthority;
 
+/**
+ * Retrieves information about the current user. Not an API, can change without
+ * notice.
+ */
 public class CurrentUser {
 	public final static String getUsername() {
 		Subject subject = getSubject();
@@ -23,22 +27,24 @@ public class CurrentUser {
 	}
 
 	public final static Set<String> roles() {
-		Principal principal = getSubject().getPrincipals(Authentication.class)
-				.iterator().next();
-		Authentication authentication = (Authentication) principal;
 		Set<String> roles = Collections.synchronizedSet(new HashSet<String>());
-		for (GrantedAuthority ga : authentication.getAuthorities()) {
-			roles.add(ga.getAuthority());
+
+		Set<Authentication> authens = getSubject().getPrincipals(
+				Authentication.class);
+		if (authens != null && !authens.isEmpty()) {
+			Principal principal = authens.iterator().next();
+			Authentication authentication = (Authentication) principal;
+			for (GrantedAuthority ga : authentication.getAuthorities()) {
+				roles.add(ga.getAuthority());
+			}
 		}
 		return Collections.unmodifiableSet(roles);
 	}
 
 	public final static Subject getSubject() {
-
 		Subject subject = Subject.getSubject(AccessController.getContext());
 		if (subject == null)
 			throw new ArgeoException("Not authenticated.");
 		return subject;
-
 	}
 }