Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Keeping the user acegi retrieved

 
Antonio Fornie
Ranch Hand
Posts: 117
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello.

I've got a question about using acegi. Supose I configure it to use basic or form authentication, and to use my users DB. Spring will retrieve the user from the DB. In the rest of the application I'll need to know the user in order to show only that user data (sales, messages...). But how can I access the user data Spring retrieved.

I don't want that first Spring access the databse and later, in the same request my code access the databse again to retrieve the same data. Is there a way I can access DB only once? Is there a way to access the info Tomcat stores in session?

That's absolutely necessary. Otherwise I'd have to ask the user to login once again as I know the user is logged but I don't know wich user is it.

Thank you very much.

Antonio
 
Mark Spritzler
ranger
Sheriff
Posts: 17278
6
IntelliJ IDE Mac Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
When you use Spring Security, the Principal(user) is stored in the SecurityContext. And I believe that there is a helper class that has a method that you can call to get the Principal, I just don't remember the class name.

WebContextUtils or something like that.

Mark
 
Wirianto Djunaidi
Ranch Hand
Posts: 210
Ruby Ubuntu VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It is SecurityContextHolder. To get the principal you can do:
 
Antonio Fornie
Ranch Hand
Posts: 117
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thank you very much. That's what I needed to know.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic