Get current logged in username in Spring Security
Published: August 17, 2011 , Updated: August 17, 2011 , Author: mkyong
In this article, we show you three ways to get current logged in username in Spring Security.
1. SecurityContextHolder + Authentication.getName()
import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; @Controller public class LoginController { @RequestMapping(value="/login", method = RequestMethod.GET) public String printUser(ModelMap model) { Authentication auth = SecurityContextHolder.getContext().getAuthentication(); String name = auth.getName(); //get logged in username model.addAttribute("username", name); return "hello"; } //...
2. SecurityContextHolder + User.getUsername()
import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.User; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; @Controller public class LoginController { @RequestMapping(value="/login", method = RequestMethod.GET) public String printUser(ModelMap model) { User user = (User)SecurityContextHolder.getContext().getAuthentication().getPrincipal(); String name = user.getUsername(); //get logged in username model.addAttribute("username", name); return "hello"; } //...
3. UsernamePasswordAuthenticationToken
This is more elegant solution, in runtime, Spring will inject “UsernamePasswordAuthenticationToken” into the “Principal” interface.
import java.security.Principal; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; @Controller public class LoginController { @RequestMapping(value="/login", method = RequestMethod.GET) public String printWelcome(ModelMap model, Principal principal ) { String name = principal.getName(); //get logged in username model.addAttribute("username", name); return "hello"; } //...
Download Source Code
Download it – Spring-Security-Get-Logged-In-Username.zip (9 KB)
References
I think you mean RequestMapping as “/welcome” instead of “/login” that you have put. You will get hold of principal (USer) only after successful authentication.
- K. Arun
This is my login function
[...] MVC ControllerSpring controller to handle what URL should go where. Note You may interest at this how to get the current logged user detail.File : LoginController.javapackage com.mkyong.common.controller; import [...]