SpringSecurity : How to list the User Authorities in Controller,Filter and Services

How to get the User Authorities in Controller,Filter and Services


  • You can get the user authorities from the SecurityContextHolder
  • getContext().getAuthenication().getAuthorities() will return the authorities for the currently logged in user.
  • You cannot add the user Authority to this collection of user Authorities .


  1. public Object authorities(){  
  2.     Set<GrantedAuthority> authorities = (Set<GrantedAuthority>) SecurityContextHolder.getContext().getAuthentication().getAuthorities();  
  3.     if(authorities.contains("ADMIN")){  
  4.         // do something  
  5.         return "";  
  6.     }else if(authorities.contains("USER")){  
  7.         // do something else  
  8.         return "";  
  9.     }else{  
  10.         // do something else  
  11.         return "";  
  12.     }  
  13. }  

As shown in the example above you can get the user authorities by the following method.

Collection authorities = SecurityContextHolder.getContext().getAuthentication().getAuthorities();


No comments :

Post a Comment