How can I get the current user roles from Spring security 3.1

You can try something like this:

Collection<SimpleGrantedAuthority> authorities = (Collection<SimpleGrantedAuthority>)    SecurityContextHolder.getContext().getAuthentication().getAuthorities();

You have the collection of roles in the authorities variable.

I've created a custom hasRole function for my project.

public static boolean hasRole (String roleName)
{
    return SecurityContextHolder.getContext().getAuthentication().getAuthorities().stream()
            .anyMatch(grantedAuthority -> grantedAuthority.getAuthority().equals(roleName));
}

Try to call getUserPrincipal() from HttpServletRequest.

If you develop on Java 8, it's getting easier.

To get all user roles:

Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

Set<String> roles = authentication.getAuthorities().stream()
     .map(r -> r.getAuthority()).collect(Collectors.toSet());

To check if the user has a particular role, for example, ROLE_USER:

Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

boolean hasUserRole = authentication.getAuthorities().stream()
          .anyMatch(r -> r.getAuthority().equals("ROLE_USER"));

How can I get the current user roles from Spring security 3.1

Tags:

Spring

Spring Security

Related

Recent Posts