Member
Get current user from session
How do you get the currently logged in from the session object after you have logged in using the Acegi filters.
Normally I would do like this:
Then I'm using a session attribute that I've previously set.Code:HttpSession session = request.getSession(); String userName = (String) session.getAttribute("USER_NAME");
How do you do this with Acegi?
Junior Member
Hi Vator,
First you have to write a class XXXAuthorizer which implements net.sf.acegisecurity.providers.dao.AuthenticationD ao and then once you override method public UserDetails loadUserByUsername(String username), you will get the username in this method. You also need to wire XXXAuthorizer into your acegi security.
I hope this helps!
Junior Member
AuthenticationProcessingFilter
If you need an object for the user, try a AuthenticationProcessingFilter.
With something like this in your context:Code:public class CustomAuthenticationProcessingFilter extends AuthenticationProcessingFilter { protected void onSuccessfulAuthentication(HttpServletRequest req, HttpServletResponse resp, Authentication auth) throws IOException { super.onSuccessfulAuthentication(req, resp, auth); User user = (User) auth.getPrincipal(); req.getSession().setAttribute("currentUser",user); } }
Code:<bean id="authenticationProcessingFilter" class="com.mysite.webapp.filter.CustomAuthenticationProcessingFilter"> <property name="authenticationManager" ref="authenticationManager"/> <property name="authenticationFailureUrl" value="/login.jsp?error=true"/> <property name="defaultTargetUrl" value="/"/> <property name="filterProcessesUrl" value="/j_security_check"/> <property name="rememberMeServices" ref="rememberMeServices"/> </bean>
Last edited by tamewind; Feb 10th, 2008 at 07:45 PM.
Member
Now I've done as told. My problem now is that I can't import the AuthenticationProcessingFilter. I get en error importing the file... I've referenced it in the acegiSecutrityContext file, so I guess the path is wrong or something... Can anyone help?
Code:import db.User; import java.io.IOException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter; public class CustomAuthenticationProcessingFilter extends AuthenticationProcessingFilter { protected void onSuccessfulAuthentication(HttpServletRequest req, HttpServletResponse resp, Authentication auth) throws IOException { super.onSuccessfulAuthentication(req, resp, auth); User user = (User) auth.getPrincipal(); req.getSession().setAttribute("currentUser",user); } }
acegisecurityContext file
Code:<bean id="formAuthenticationProcessingFilter" class="filters.CustomAuthenticationProcessingFilter"> <property name="authenticationManager" ref="authenticationManager"/> <property name="authenticationFailureUrl" value="/jsp/login.jsp?error=2"/> <property name="defaultTargetUrl" value="/regMenu.do"/> <property name="filterProcessesUrl" value="/j_acegi_security_check"/> </bean>
Senior Member
Why not simply use the SecurityContextHolder? That contains your current user and can be used from everywhere because it uses a ThreadLocal to store the user. If you don't want a dependency you could factor/design it out by putting it behind a facade that way you have 1 dependency.
Code:SecurityContextHolder.getContext().getAuthentication().getPrincipal():
Marten Deinum
Java Consultant / Pragmatist / Open Source Enthousiast / Author
Pro Spring MVC: With Web Flow
Conspect
Have you read the reference guide.
Use the [ code ] tags, young padawan
Member
I will try that out.
I got some problems though importing the package org.acegisecurity.context.
It's located in WEB-INF/lib/acegi-security-1.0.6 but it seems like I have to to set it in the classpath somewhere.
I'm using Netbeans 6.0. Do you have any clue about how to do it?
Junior Member
This works great. Thanks mdeinum.Originally Posted by mdeinum
Posting Permissions
