How to get User details

**lukeb** · Feb 23rd, 2006, 08:54 AM

Hi,

I'm new to Acegi.
I would like to access some properties for the user using the authz:authentication tag.

I subclassed JdbcDaoImpl to add the new sql statement but now I cannot go further.

Could anybody tell me exactly what should be modified to achieve my purpose?

Complete samples would be great.

Thanks

LuKe

**ojs** · Feb 24th, 2006, 03:14 PM

Originally Posted by lukeb

I would like to access some properties for the user using the authz:authentication tag.

From the Acegi documentation:

1.7.4.2. AuthenticationTag

AuthenticationTag is used to simply output a property of the current principal's Authentication.getPrincipal() object to the web page.

The following JSP fragment illustrates how to use the AuthenticationTag:

<authz:authentication operation="username"/>

This tag would cause the principal's name to be output. Here we are assuming the Authentication.getPrincipal() is a UserDetails object, which is generally the case when using the typical DaoAuthenticationProvider.

HTH
Oliver

**purplehaze** · Feb 28th, 2006, 08:33 AM

hi, in reference to the above answer.................

<authz:authentication operation="username"/> only seems to work with the User object (implemening userdetails) properties. But if a nested object exists then can we not use the tag to access that particular property??

e.g.
<authz:authentication operation="username.address.line1"/> ??

Address for sure is not null when I check but the tag cannot seem to render nested properties like the standard jstl c tag.

If I remove the nested property line1 then it picks up the address property but renders this as null? But it isnt.

Any ideas????

bets wishes

**Ben Alex** · Mar 6th, 2006, 08:30 AM

The authz tag doesn't support nesting. Please feel free to add a patch and unit tests to JIRA if you require this functionality.

**ajrobinson** · May 16th, 2006, 11:52 AM

According to the documentation the AuthenticationTag invokes methods on the object returned by Authentication.getPrincipal(). However, both the AuthenticationProcessingFilter and the SiteminderAuthenticationProcessingFilter set a simple username String as the principal in the attemptAuthentication method with no clean way to override this behavior.

I would request a method in the AuthenticationProcessingFilter called something like obtainPrincipal to allow for an easy mechanism to override what object is set as the principal.

Here is an optional default implementation:

protected Object obtainPrincipal(String username) {
return username;
}

**Luke Taylor** · May 16th, 2006, 05:10 PM

AuthenticationProcessingFilter doesn't set the principal to be a String in attemptAuthentication(). The code for the method is here:

http://acegisecurity.org/multiprojec...Filter.html#59

It uses whatever is returned by the authentication manager as the principal object. Typically this will be a UserDetails object, as returned from the authenticate method of AbstractUserDetailsManager:

http://acegisecurity.org/multiprojec...vider.html#199

(Usually a concrete instance of DaoAuthenticationProvider).

You can override the createSuccessAuthentication() method or specialse the UserDetailsService that is used to further customise the contents of the Authentication object that is returned.

**hungvu** · May 19th, 2006, 05:15 AM

Originally Posted by Ben Alex

The authz tag doesn't support nesting. Please feel free to add a patch and unit tests to JIRA if you require this functionality.

I need this feature. Is it implemented yet ?

Thanks.

Thread: How to get User details

Thread Tools

Display

How to get User details

Posting Permissions