views:

35

answers:

1

Hi I'm doing some proof-of-concept work with Spring MVC and security. So far I've managed to write a simple web-app which has a secure webpage which requires a user to login and have the correct role before accessing the database and listing some data. I'm using Spring 2.0.8 by the way. What I require is that, after the user has logged on, is to access the user principal object for the current session to pass into my DAO layer. I'd like to do this through the standard bean wiring, so it will have to be something determined at runtime. Any pointers to get started ? Cheers Neil

A: 

SecurityContextHolder#getContext() will return a SecurityContext associated with the current user request.

From there, you can call getAuthentication().getPrincipal() to get the data associated with the logged-in user.

There is no need to inject any bean, the static method in SecurityContextHolder will take care of accessing the correct thread-local data.

bashflyng
That's answered my query thanks very much !
Neil