Announcement Announcement Module
No announcement yet.
how to get logged user id? Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • how to get logged user id?

    I could not find the answer anywhere yet. I am trying to get user id from a database.
    With SecurityContextHolder.getContext().getAuthenticati on().getName(); I can get user login, but is there a way to get its "user_id" field from the database?

    I'm quite new to spring (roo) so sorry if it is a dump question.

  • #2
    Unfortunately, there isn't a simple answer to what you're asking.

    I know you said you're new at this, but I'm assuming you are aware of what SecurityContextHolder.getContext().getAuthenticati on().getName() does. In case you're not...

    SecurityContextHolder.getContext() returns SecurityContext that has been bound to the thread of execution by one of Spring Security's many filters. From that SecurityContext object, you can obtain the "principal" using getPrincipal(). This can be typecast as a UserDetails and you can get access to all of the usual user details that the UserDetails interface exposes. If you know exactly what underlying implementation of UserDetails is being used, you could cast directly to that type to get access to additional attributes as well.

    If it isn't clear already, Spring Security relies very heavily on pluggable implementations of several different interfaces- with the aforementioned UserDetails being just one of those. Exactly which underlying implementation is being used is dependent on what sort of authentication mechanisms you are using. All of those are pluggable as well, obviously. Not all of those mechanisms necessarily involve the use of any sort of identifier (i.e. primary key) on the UserDetails implementations.

    If you care about details such as this (or other custom attributes) that user records in your database, directory, etc. may contain, then your best recourse is to create a custom implementation of the UserDetails interface that will have these attributes. Of course, you then need to customize the athentication mechanisms you are using so that they can instantiate UserDetails of the proper type and so that they will also understand how to map thse custom attributes of the underlying datastore to/from that custom UserDetails implementation.

    As cool as Roo and Spring Security's configuration DSL are, they both will fail you quite miserably when you need to do something with this level of customization.

    This is definitely not the answer you were looking for, but your best option rit now is to hit the reference docs and API docs pretty hard to understand what you're dealing with in more depth. Alternatively, you could question your own need to get at the user's id in the underlying datastore. Why do you need that piece of information? What do you intend to do with it? Is there a different angle of attack through which you can solve the problem (or the problem you think you have)?

    In most cases, you will find that whatever complex thing it is you are tryign to implement, Spring Security already has a very slick way of doing it.

    I hope this helps some.


    • #3
      Thanks for your answer krancour.
      I did solve my problem by adding a finder and then:
      this.findUsersByUsername(SecurityContextHolder.get Context().getAuthentication().getName()).getSingle Result().getId() but I don't know if it's a good way of getting the id.