wood burning stoves 2.0*
The moose likes Other Application Frameworks and the fly likes Keeping the user acegi retrieved Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Other Application Frameworks
Bookmark "Keeping the user acegi retrieved" Watch "Keeping the user acegi retrieved" New topic
Author

Keeping the user acegi retrieved

Antonio Fornie
Ranch Hand

Joined: Aug 07, 2008
Posts: 117
Hello.

I've got a question about using acegi. Supose I configure it to use basic or form authentication, and to use my users DB. Spring will retrieve the user from the DB. In the rest of the application I'll need to know the user in order to show only that user data (sales, messages...). But how can I access the user data Spring retrieved.

I don't want that first Spring access the databse and later, in the same request my code access the databse again to retrieve the same data. Is there a way I can access DB only once? Is there a way to access the info Tomcat stores in session?

That's absolutely necessary. Otherwise I'd have to ask the user to login once again as I know the user is logged but I don't know wich user is it.

Thank you very much.

Antonio


I feel there must be far better ways to do what I do... that makes learning even funnier
Mark Spritzler
ranger
Sheriff

Joined: Feb 05, 2001
Posts: 17250
    
    6

When you use Spring Security, the Principal(user) is stored in the SecurityContext. And I believe that there is a helper class that has a method that you can call to get the Principal, I just don't remember the class name.

WebContextUtils or something like that.

Mark


Perfect World Programming, LLC - Two Laptop Bag - Tube Organizer
How to Ask Questions the Smart Way FAQ
Wirianto Djunaidi
Ranch Hand

Joined: Mar 20, 2001
Posts: 210

It is SecurityContextHolder. To get the principal you can do:
Antonio Fornie
Ranch Hand

Joined: Aug 07, 2008
Posts: 117
Thank you very much. That's what I needed to know.
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: Keeping the user acegi retrieved