AddThis

Friday, 17 August 2018

Get current logged in username in Spring Security


In this article, I will show you multiple ways to get the current logged in username in Spring Security.

1. SecurityContextHolder + Authentication.getName()

import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

@Controller
public class LoginController {

  @RequestMapping(value="/login", method = RequestMethod.GET)
  public String printUser(ModelMap model) {

      Authentication auth = SecurityContextHolder.getContext().getAuthentication();
      String name = auth.getName(); //get logged in username
                            
      model.addAttribute("username", name);
      return "hello";
  }

2. SecurityContextHolder + User.getUsername()

import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

@Controller
public class LoginController {

  @RequestMapping(value="/login", method = RequestMethod.GET)
  public String printUser(ModelMap model) {

      User user = (User)SecurityContextHolder.getContext().getAuthentication().getPrincipal();
      String name = user.getUsername(); //get logged in username
                            
      model.addAttribute("username", name);
      return "hello";
  }

3. UsernamePasswordAuthenticationToken

This is more elegant solution, in runtime, Spring will injects UsernamePasswordAuthenticationToken into the Principal interface.
import java.security.Principal;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

@Controller
public class LoginController {

  @RequestMapping(value="/login", method = RequestMethod.GET)
  public String printWelcome(ModelMap model, Principal principal ) {

      String name = principal.getName(); //get logged in username
      model.addAttribute("username", name);
      return "hello";
  }

4. Alternatively, the authentication token can also be used:

import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
public class SecurityController {

    @RequestMapping(value = "/username", method = RequestMethod.GET)
    @ResponseBody
    public String currentUserName(Authentication authentication) {
        return authentication.getName();
    }
}


5. And finally, directly from the HTTP request:

import java.security.Principal;

import javax.servlet.http.HttpServletRequest;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
public class SecurityController {

    @RequestMapping(value = "/username", method = RequestMethod.GET)
    @ResponseBody
    public String currentUserNameSimple(HttpServletRequest request) {
        Principal principal = request.getUserPrincipal();
        return principal.getName();
    }
}






No comments:

Post a Comment

Solving real time queries using java 8 features stream api with examples

package com.pse; import java.util.ArrayList; import java.util.Arrays; import java.util.Collections; import java.util.Comparator; import java...