stackoom
  简体   繁体   中英

Spring security Principal won't work with @PostConstruct

 原文  2020-08-13 03:38:21       java/ spring/ spring-security

Question

I have a managedbean which contains this function that returns the username of the logged in user:

public String getConnectedUser( ){  
    SecurityContext context = SecurityContextHolder.getContext();
    Authentication authentication = context.getAuthentication();
    if (authentication == null)
        return null;
    Object principal = authentication.getPrincipal();
    if (principal instanceof UserDetails) {
        return ((UserDetails) principal).getUsername();
    } else {
        return principal.toString();
    }

I want to get the user with my DAO using the username I get from spring security. When I call it inside the @PostConstruct method it doesn't return anything.

    @PostConstruct
public void init() {

user = utilisateurService.getUtilisateurByLogin( getConnectedUser());

but when I call it in JSF, it shows me the correct logged in username:

        <h:outputText
            value="Logged as : #{testMB.getConnectedUser()}" />

in conclusion: with Init function I get nothing in the view, with the JSF call I get the username, can someone help me out?

EDIT: i run some tests and it appears that the authentication is null, even tho i'm logged in

1 answers

solution1
 1 ACCPTED  2020-08-13 05:10:34

I think it makes sense that Spring Security principal is not available in PostConstruct.

PostConstruct on DAO would have been called at the time of application startup. At that time, there would be no logged in user. But, when you browse through a JSF page, there you might have logged in and that's why Principal is available there.

Spring Security Filter chain will get invoked when you visit application url.

I suggest you to call this method during your regular DAO method calls. If you are logged in, then Principal should be available.

@Repository
public class SomeDao
{

public String someDaoMethod() {
  getConnectedUser();
  ....
}
private String getConnectedUser( ){  
    SecurityContext context = SecurityContextHolder.getContext();
    Authentication authentication = context.getAuthentication();
    if (authentication == null)
        return null;
    Object principal = authentication.getPrincipal();
    if (principal instanceof UserDetails) {
        return ((UserDetails) principal).getUsername();
    } else {
        return principal.toString();
    }

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Spring-Security OpenId won't work Spring security accessing principal Spring Security Principal transformation Spring Security principal isn't fully populated after Tomcat restart Principal Object to JSON in Spring Security What's the “principal” in Spring Security? Custom principal in spring security test Spring security , Principal returns null Spring Security: How to get details from the principal? Spring security get Wrong Principal in Concurrency Environment
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM