Java tutorial
/* * Copyright 2013-2015 Erudika. http://erudika.com * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * * For issues and patches go to: https://github.com/erudika */ package com.erudika.para.security; import com.erudika.para.core.User; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; /** * Utility class with helper methods for authentication. * @author Alex Bogdanovski [alex@erudika.com] */ public final class SecurityUtils { private static final Logger logger = LoggerFactory.getLogger(SecurityUtils.class); private SecurityUtils() { } /** * Extracts a User object from the security context * @return an authenticated user or null if a user is not authenticated */ public static User getAuthenticatedUser() { User u = null; if (SecurityContextHolder.getContext().getAuthentication() != null) { Authentication auth = SecurityContextHolder.getContext().getAuthentication(); if (auth.isAuthenticated() && auth.getPrincipal() instanceof User) { u = (User) auth.getPrincipal(); } } return u; } /** * Clears the session. Deletes cookies and clears the security context. * @param req HTTP request */ public static void clearSession(HttpServletRequest req) { SecurityContextHolder.clearContext(); if (req != null) { HttpSession session = req.getSession(false); if (session != null) { session.invalidate(); } } } }