hi!
i've got two applications in same tomcat. one of those applications uses spring security for authentication. i would like method getRemoteUser to return valid user name in second application when logged into first one.
is there easy way to achieve this? can u please point me out to simplest possible solution which will do that?
thanks for responses
I do not believe Application 2 can access application 1's security information. Not directly anyways, perhaps using remoting, or webservices will allow you to do this. However, I do not think there is a place in the spring security framework where you can go across applications and get information though java code only.
This will return the local current logged in user:
String username = SecurityContextHolder.getContext()
.getAuthentication().getName();
So, if appA is logged in into appB then exposing this controller will return the username, the one used in appA to login into appB. Wich appA should already know, mmmm:
public class UserController extends AbstractController {
@Override
protected ModelAndView handleRequestInternal(HttpServletRequest req,
HttpServletResponse res) throws Exception {
String username = SecurityContextHolder.getContext()
.getAuthentication().getName();
ModelAndView mv = new ModelAndView("jsonResponse");
mv.addObject("username", username);
return mv;
}
}