0

How i can check if currently authenticated user has a specific role?

I found some older solution for older version of spring security, but in current version in spring it's not working, so I'm looking for a solution like this but in spring-boot-starter-security version 1.5.2.

Community
  • 1
  • 1
Syngularity
  • 795
  • 3
  • 17
  • 42

1 Answers1

1

verify if authorities lenght is >0 :

Collection<SimpleGrantedAuthority> authorities = (Collection<SimpleGrantedAuthority>) SecurityContextHolder.getContext().getAuthentication().getAuthorities();

and after compare with your role if he has roles

Azzabi Haythem
  • 2,318
  • 7
  • 26
  • 32
  • 1
    thx for quick reply, i make my own work around, but's it a bit none sense i can do this in thymeleaf : "sec:authorize="hasRole('ROLE_ADMIN')" but not in java codes. – Syngularity Apr 24 '17 at 13:11
  • you'd better also to verify the three level of security ,(1) in your code java ,(2) in (jsp or thymeleaf) , and (3) in xml page accec configuration like `` – Azzabi Haythem Apr 24 '17 at 13:21