how to get user info from session?

**minikiller** · Jan 13th, 2005, 10:16 PM

i select WebWork as my web framework, i want to know if i can get user detail info from session. I woder where can i process in this situation.thanks

**af6140** · Jan 14th, 2005, 12:02 PM

SecureContext.getAuthentication().getPrincipal().g etUserName()

**Ben Alex** · Jan 14th, 2005, 04:08 PM

Don't forget to cast:

Code:

&#40;&#40;UserDetails&#41; &#40;&#40;SecureContext&#41; ContextHolder.getContext&#40;&#41;&#41;.getAuthentication&#40;&#41;.getPrincipal&#40;&#41;&#41;.getUsername&#40;&#41;;

**scott.tian** · Jan 25th, 2005, 08:08 PM

Originally Posted by Ben Alex

Don't forget to cast:

Code:

&#40;&#40;UserDetails&#41; &#40;&#40;SecureContext&#41; ContextHolder.getContext&#40;&#41;&#41;.getAuthentication&#40;&#41;.getPrincipal&#40;&#41;&#41;.getUsername&#40;&#41;;

**Ben Alex** · Jan 27th, 2005, 06:49 AM

Generally people use DaoAuthenticationProvider with Acegi Security, which puts the UserDetails returned by the AuthenticationDao into the Authentication object. If you have a look at the JavaDocs for the DaoAuthenticationProvider and AuthenticationDao, where the UserDetails comes from will make a lot more sense.

**blaiseg** · Oct 24th, 2008, 09:52 AM

Hi All,

Ok, it's really easy to retrieve the UserDetails. But I want to write an app that isn't too much coupled with Spring.

Is there another way to retrieve the UserDetail from the session ? Maybe with something like

Code:

HttpSession session = request.getSession();
session.getAttribute("SPRING_USER_DETAILS");

I have seen that the session has an attribute "SPRING_SECURITY_CONTEXT" of type org.springframework.security.context.SecurityConte xtImpl, is it bad to retrieve the context from the session ?

If it is, why is it ? If it isn't is there a way to externalize that key ?

Edit : Actually I have written a static method into a personnal AuthorizationManager

Code:

public static User getPrincipal(HttpSession session) {
  // Do nothing with the session because Spring give us a better way to retrieve the principal
  return (User) ((SecurityContext) 
    SecurityContextHolder.getContext()).getAuthentication().getPrincipal();
}

, so if later my boss tell me to remove Spring from the project I have juste to rewrite this method. But I don't really like that.

**oni_FFM** · Oct 29th, 2008, 08:24 AM

public static User getPrincipal(HttpSession session) {
// Do nothing with the session because Spring give us a better way to retrieve the principal
return (User) ((SecurityContext)
SecurityContextHolder.getContext()).getAuthenticat ion().getPrincipal();
}

thanks blaiseg. It works fine. you rescued me

Thread: how to get user info from session?

Thread Tools

Display

Hybrid View

how to get user info from session?

How can I know to Cast to UserDetails? Where to define it?

Similar Threads

JBoss 3.2.6 & Spring Deployment issues

can't make caching work with Hibernate3 + ehcache

DefaultAdvisorAutoProxyCreator skipping beans

Newbee - Spring/Hibernate Tomcat/MySQL issue

SingleConnectionDataSource configuration problem ?

Posting Permissions