Win a copy of AWS Security this week in the Cloud/Virtualization forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Paul Clapham
  • Jeanne Boyarsky
  • Junilu Lacar
  • Henry Wong
  • Ron McLeod
  • Devaka Cooray
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Frits Walraven
  • Tim Holloway
  • Carey Brown
  • Piet Souris
  • salvin francis
  • fred rosenberger

Passing classes to MVC controllers

Ranch Hand
Posts: 71
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am looking at an example from Wall's Spring Boot In Action, chapter 3. This is a simple Boot MVC project using Spring Security. The default security configuration is overridden by the following class:

This class defines a custom UserDetails implemneted by the Reader class.The Reader class looks like:

There is one controller, ReadingListController:

The SecurityConfig class obtains the Reader from the injected readerRepository which is a JpaRepository<Reader, String>. When you boot up the application and go to localhost:8080/ you are presented with the login page. When you log in, the ReadingListController.readersBooks(Reader reader, Model model) method is called. This is passed a Reader object populated via the username used in logging in. Spring is passing the Reader object, looked up in the database, to the controller. I'm wondering why this happens. I have seen Principal passed to a controller annotated with @AuthenticationPrincipal, and have seen controllers access the SecurityContext to retrieve the principal, but have not seen it done this way. My question is, is Spring passing in Reader because it implements UserDetails? if not, why is Spring passing in the correct Reader object?
I can't beleive you just said that. Now I need to calm down with this tiny ad:
Devious Experiments for a Truly Passive Greenhouse!
    Bookmark Topic Watch Topic
  • New Topic