Grails 3, Spring Security Rest username after login

Question

I have a Grails 3 application with Spring Security Rest implemented, I can authenticate from my Angular2 app successfully, and with @Secured() applied to the controllers can control which areas of the application can be accessed. So given this, I know that the authentication and authorization is working.

I'm trying to retrieve the logged in user's username that was used to authenticate.

I've tried Authentication authentication = SecurityContextHolder.getContext().getAuthentication() it's null.

I tried Principal principal = request.getUserPrincipal() it's also null.

Here's my application.groovy

    grails.plugin.springsecurity.providerNames = ['customADAuthProvider']
    grails.plugin.springsecurity.successHandler.alwaysUseDefault = true
    grails.plugin.springsecurity.userLookup.userDomainClassName = 'User'
    grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'UserRole'
    grails.plugin.springsecurity.authority.className = 'Role'
    grails.plugin.springsecurity.controllerAnnotations.staticRules = [
        [pattern: '/',               access: ['permitAll']],
        [pattern: '/error',          access: ['permitAll']],
        [pattern: '/index',          access: ['permitAll']],
        [pattern: '/index.gsp',      access: ['permitAll']],
        [pattern: '/shutdown',       access: ['permitAll']],
        [pattern: '/assets/**',      access: ['permitAll']],
        [pattern: '/**/js/**',       access: ['permitAll']],
        [pattern: '/**/css/**',      access: ['permitAll']],
        [pattern: '/**/images/**',   access: ['permitAll']],
        [pattern: '/**/favicon.ico', access: ['permitAll']]
    ]

    grails.plugin.springsecurity.filterChain.chainMap = [
        [pattern: '/assets/**',      filters: 'none'],
        [pattern: '/**/js/**',       filters: 'none'],
        [pattern: '/**/css/**',      filters: 'none'],
        [pattern: '/**/images/**',   filters: 'none'],
        [pattern: '/**/favicon.ico', filters: 'none'],
        [pattern: '/api/**',         filters: 'JOINED_FILTERS,-anonymousAuthenticationFilter,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter,-rememberMeAuthenticationFilter']
]

    grails.plugin.springsecurity.rest.logout.endpointUrl = '/api/logout'

No matter what I try, I can never get the authentication object or principal object to retrieve the username or any user details.

I'm using spring-security-rest:2.0.0.RC1 , and Grails 3.3.6

Answer 1

You can do something like this...

class SomeController {

    def springSecurityService

    def someAction() {
        def user = springSecurityService.currentUser
            // ...
    }
}

Or this...

class SomeController {

    def springSecurityService

    def someAction() {
        def principal = springSecurityService.principal
        String username = principal.username
        def authorities = principal.authorities // a Collection of GrantedAuthority
        boolean enabled = principal.enabled
        // ...
    }
}

Both of those are pasted directly from https://grails-plugins.github.io/grails-spring-security-core/3.2.x/index.html