X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fplugins%2Forg.argeo.security.ui%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fui%2Finternal%2FCurrentUser.java;h=ed50d1e3ccd521d864d5e1ac77a8ee5b4a6bdc82;hb=149023e5969377045847bbecf24b0898b18a67a9;hp=638eb03a59e14c3b209f8f4a7ce257f6f7c5c761;hpb=832bee8656e427eef8580b6d24bfdcf4526fce95;p=lgpl%2Fargeo-commons.git

diff --git a/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/internal/CurrentUser.java b/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/internal/CurrentUser.java
index 638eb03a5..ed50d1e3c 100644
--- a/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/internal/CurrentUser.java
+++ b/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/internal/CurrentUser.java
@@ -23,12 +23,16 @@ public class CurrentUser {
 	}
 
 	public final static Set<String> roles() {
-		Principal principal = getSubject().getPrincipals(Authentication.class)
-				.iterator().next();
-		Authentication authentication = (Authentication) principal;
 		Set<String> roles = Collections.synchronizedSet(new HashSet<String>());
-		for (GrantedAuthority ga : authentication.getAuthorities()) {
-			roles.add(ga.getAuthority());
+
+		Set<Authentication> authens = getSubject().getPrincipals(
+				Authentication.class);
+		if (authens != null && !authens.isEmpty()) {
+			Principal principal = authens.iterator().next();
+			Authentication authentication = (Authentication) principal;
+			for (GrantedAuthority ga : authentication.getAuthorities()) {
+				roles.add(ga.getAuthority());
+			}
 		}
 		return Collections.unmodifiableSet(roles);
 	}