gyoder
Reputation: 4738
Spring security: is the user logged in or anonymous?
I need a public restful endpoint that can tell me if the current user is logged in or not. Since the user may be authenticated as anonymousUser, I can't just do this:
if (SecurityContextHolder.getContext().getAuthentication().isAuthenticated())
...
From looking at some other posts, it looks like I might need to do something clumsy like actually look for the anonymous role in granted authorities. Is there an easier way?
Upvotes: 1
Views: 4952
Answers (2)
Dherik
Reputation: 19110
You can also use (not nice, but works):
SecurityContextHolder.getContext().getAuthentication() != null &&
SecurityContextHolder.getContext().getAuthentication().isAuthenticated() &&
//when Anonymous Authentication
!(SecurityContextHolder.getContext().getAuthentication()
instanceof AnonymousAuthenticationToken)
Upvotes: 0
gyoder
Reputation: 4738
Here's what I believe is the simplest solution:
// permitAll
@RequestMapping(method = RequestMethod.GET, value = "/isAuthorized")
public String isAuthorized(Principal user) {
return user != null ? "Y" : "N";
}
Upvotes: 2
Related Questions
- How to check if user is logged in or anonymous in Spring Security
- spring security always returning anonymousUser
- Identity for anonymous user in Spring MVC application
- Check if user is logged in Spring MVC
- How to check if a user is logged in with spring-security?
- Spring MVC get current logged in user
- Spring security | issue in granting access to anonymous users
- spring secuirty anonymous user and authenticated user with spring security
- Which is the best way to get the logged user with spring security?
- Spring Security 3.1 and returning anonymous UserDetails