How to get the current logged in user from jsf using seam and jboss security?
alessandro.montanari Mar 2, 2012 11:34 AMHi everyone,
I'm quite new in jboss and seam development and maybe I'm missing something very easy but I read a lot of posts here and I still can not get the solution, so thanks for help me
The situation:
I created an EJB application with a method level security, so I wrote my application policy like this:
<application-policy xmlns="urn:jboss:security-beans:1.0" name="myalma-security-domain"> <authentication> <login-module code="org.jboss.security.ClientLoginModule" flag="required"> <module-option name="restore-login-identity">true</module-option> </login-module> <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required"> <module-option name="dsJndiName">java:/myalma-ds</module-option> ... </login-module> </authentication> </application-policy>
And then I annoted all EJB's methods in the proper way. Everything works here.
Then I created a web app that uses the EJB components and Seam, now I removed all settings about Seam security beacuse I want to use the same policy as before, so I added to web.xml those lines
<security-constraint> <display-name>Restrict raw XHTML Documents</display-name> <web-resource-collection> <web-resource-name>XHTML</web-resource-name> <url-pattern>/*</url-pattern> <url-pattern>/layout/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>admin</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/MyLogin.xhtml</form-login-page> <form-error-page>/error.xhtml</form-error-page> </form-login-config> </login-config> <security-role> <role-name>admin</role-name> </security-role>
I also added this line in jboss-web.xml
<security-domain>java:/jaas/myalma-security-domain</security-domain>
And MyLogin.xhtml is:
... <body> <form name="loginForm" method="post" action="j_security_check"> <table> <tr> <td>User Name:</td> <td><input type="text" name="j_username"/></td> </tr> <tr> <td>Password:</td> <td><input type="password" name="j_password"/></td> </tr> <tr colspan="2"> <td><input type="submit" value="login"/></td> </tr> </table> </form> </body> ...
The login works fine: i can access to pages only if the user has the admin role.
My question now is: how can I get the username of the current logged in user from a jsf?
I tried in many different ways like:
- #{request.userPrincipal.name}
- #{servletContexts.request.userPrincipal.name}
- #{servletContexts.request.remoteUser}
- etc.
but I get always null.
I'm using jboss 6.1.0.Final and Seam 2.2.2.Final
Really thanks for help.