Announcement Announcement Module
Collapse
No announcement yet.
Acegi, UserDetails Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Acegi, UserDetails

    I have created a custom UserDetails implementation that contains my existing User object, as well as the user name, pass, ect. Is there any way that I can access that object using jstl <c:out ... />. ie. I would like to put a welcome message in the header of each page, the info is stored in the UserDetailsImpl.

    Thanks,
    Dan

  • #2
    You can access it via:

    ((SecureContext) ContextHolder.getContext()).getAuthentication().ge tPrincipal()

    The getPrincipal() returns an Object. If you are running DaoAuthenticationProvider with forcePrincipalAsString = false (the default) you will be able to cast that Object to UserDetails. If you've set this property to true, it will be a String representation of the username.

    Comment


    • #3
      Ben,

      That is how I am accessing it from my controller. That is fine, but I was looking for a way to access the context from, for instance, a header file that gets included in every request. It is not a problem if that can't be done. I already created a filter that will add that to the request when the SecureContext exists, this way it is available to every request.

      Dan

      Comment


      • #4
        Hi Dan

        Your approach would work as a general-purpose solution. Alternatively, you can always read it directly from the HttpSession attribute keyed against net.sf.acegisecurity.ui.webapp.HttpSessionIntegrat ionFilter.ACEGI_SECURITY_AUTHENTICATION_KEY if you're using the default HttpSession-based storage of the user credentials.

        Generally it's a view-specific issue to expose the Authentication more easily. You could add it to the Model returned by your controller. Or use a taglib like net.sf.acegisecurity.taglibs.authz.AuthorizeTag. Or (as we do with FreeMarer) extend FreeMarkerView and add it in the protected void exposeHelpers(Map, HttpServletRequest) method so it's accessible to a FreeMarker macro.

        Comment


        • #5
          Ben,

          Thanks for you input. I think for right now, the filter will work fine. I am limiting what type of session attibutes the view can access, and I don't want to make every call the controller returns have to check for that info in the request. The filter seems like a viable solution.

          Thanks again.
          Dan

          Comment


          • #6
            Although probably not recommended:

            Code:
            <c&#58;out value="$&#123;sessionScope&#91;'ACEGI_SECURITY_AUTHENTICATION'&#93;.principal.username&#125;"/>
            This worked for me.

            Comment

            Working...
            X