You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@struts.apache.org by Prashant Khanal <pr...@yomari.com> on 2008/02/13 05:39:54 UTC

appfuse generated basic struts project how to access the logged in user from action

Hello all,

I am working on the appfuse generated basic struts 2 project. It uses acegi
as a security framework for authentication and authorization. How can i
access the logged in user from the action?
To show the logged in user in the header.jsp page i used a jstl tag provided
by acegi as:
Welcome<authz:authentication operation="username" />, <a href="<c:url
value='/logout.jsp'/>">logout</a>
unfortunately this is also shown in login page as Welcome anonymous, logout
:)
how can i hide that based on whether or not the user is logged in?


-- 
Thanks,
Prashant Khanal

Re: appfuse generated basic struts project how to access the logged in user from action

Posted by Jeromy Evans <je...@blueskyminds.com.au>.

Prashant Khanal wrote:
>
> To get the logged in user from the action i used :
> SecurityContext ctx = SecurityContextHolder.getContext();
>         if (ctx != null) {
>             Authentication auth = ctx.getAuthentication();
>             User loggedInUser = (User) auth.getPrincipal();
>         }
>
>   

As an alternative, your action may implement PrincipalAware

http://struts.apache.org/2.x/docs/servlet-config-interceptor.html

The advantage of PrincipalAware over the static call above is that it's 
easier to unit-test your action outside of the servlet context and it's 
clear to other developers that the action requires the principal.

regards,
 Jeromy Evans

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org

Re: appfuse generated basic struts project how to access the logged in user from action

Posted by Prashant Khanal <pr...@yomari.com>.

hello all
anyway i got the answer but dunno whether or not it is appropriate
i wrapped the jsp snippet to hide it if the user is not logged in as
<authz:authorize ifNotGranted="ROLE_ANONYMOUS">
    <div style="float: left; width: 100%; text-align: right;">Welcome
    <authz:authentication operation="username" />, <a
        href="<c:url value='/logout.jsp'/>">logout</a></div>
</authz:authorize>

To get the logged in user from the action i used :
SecurityContext ctx = SecurityContextHolder.getContext();
        if (ctx != null) {
            Authentication auth = ctx.getAuthentication();
            User loggedInUser = (User) auth.getPrincipal();
        }



On 2/13/08, Prashant Khanal <pr...@yomari.com> wrote:
>
> Hello all,
>
> I am working on the appfuse generated basic struts 2 project. It uses
> acegi as a security framework for authentication and authorization. How can
> i access the logged in user from the action?
> To show the logged in user in the header.jsp page i used a jstl tag
> provided by acegi as:
> Welcome<authz:authentication operation="username" />, <a href="<c:url
> value='/logout.jsp'/>">logout</a>
> unfortunately this is also shown in login page as Welcome anonymous,
> logout :)
> how can i hide that based on whether or not the user is logged in?
>
>
> --
> Thanks,
> Prashant Khanal
>
>


-- 
Thanks,
Prashant Khanal
prashant.khanal@yomari.com
Solutions for your information
_________________
Yomari Pvt. Ltd.
HB Complex, Ekantakuna, Lalitpur.
G.P.O. Box: 21295
Kathmandu, Nepal
Tel: 977 (1) 5000111, 2113000
Fax: 977 (1) 5000157
http://www.yomari.com
____________________
Your guide to Nepal on the Net.
http://www.nepalhomepage.com