-
Notifications
You must be signed in to change notification settings - Fork 19
Get the authenticated user profiles
CAS in the cloud LELEU Jérôme edited this page Oct 11, 2022
·
4 revisions
pac4j takes care of populating the HttpServletRequest with security information.
In particular it is possible to retrieve a Principal via getUserPrincipal() (or simply its name, i.e., username or id, via getRemoteUser()) and checks the user's roles via isUserInRole().
Alternatively, you can get the profile of the authenticated user using the ProfileManager (or SpringSecurity(Reactive)ProfileManager in a Spring Security (reactive) webapp or ShiroProfileManager in a Shiro webapp).
>> Read the documentation of the ProfileManager component.
Example:
WebContext context = new JEEContext(request, response);
SessionStore sessionStore = JEESessionStoreFactory.INSTANCE.newSessionStore(request, response);
ProfileManager manager = new ProfileManager(context, sessionStore);
Optional<UserProfile> profile = manager.getProfile();or using CDI (JEE):
@Named
@RequestScoped
public class ProfileView {
@Inject
private WebContext webContext;
@Inject
private SessionStore sessionStore;
@Inject
private ProfileManager profileManager;
public Object getProfile() {
return profileManager.getProfile().orElse(null);
}
}