Discussoes de Programacao e Tecnologia

Spring Security de onde vem property="principal.username"

3 respostas
A
alandiniz

Eu fiz um projeto usando Spring security com pasta /admin pra ROLE_ADMIN e /usuario com ROLE_USER etc..
ta tudo funcionando certinho
e na pasta raiz "/" todo mundo tem acesso... e tem um quadro que fala se o cara ta logado ou não..

seguindo esse tutorial aqui http://samerabdelkafi.wordpress.com/2011/01/16/secure-your-web-application-with-spring-security/ eu queria fazer essa parte: 
<sec:authorize ifAllGranted="ROLE_USER">
  Utilisateur : <sec:authentication property="principal.username"/>
</sec:authorize>
porém eu não sei de onde vem o principal.username... o meu ta vindo vazio mesmo depois de logado... na verdade o que eu queria mesmo era assim: 
<h:panelGroup rendered="#{!empty usuarioController.usuario}">
                    <div id="logado">
                        <div id="fotoUser">
                            <h:graphicImage value="/img/userOn.jpg" width="40" height="40" title="Flechada" alt="Flechada"/>
                        </div>
                        <div class="alinhaTextoUser">
                            <div class="saudacaoUser">
                                E <h:outputText styleClass="saudacaoNegrito" value=" Flechada"/>, beleza?<br/>
                                <h:outputLink value="#">Meu Espaço</h:outputLink> | <h:outputLink value="#">Favoritos</h:outputLink> | <h:outputLink style="color: #cc6666;" value="/j_spring_security_logout">Sair</h:outputLink>
                            </div>
                        </div>
                    </div>
                </h:panelGroup>

                <h:panelGroup rendered="#{empty usuarioController.usuario}">
                    <div id="off">
                        <div id="fotoUser">
                            <h:graphicImage value="/img/userOff.jpg" width="40" height="40" title="Visitante" alt="Visitante"/>
                        </div>
                        <div class="alinhaTextoUser">
                            <div class="saudacaoUser">
                                Beleza<h:outputText styleClass="saudacaoNegrito" value=" Visitante?"/><br/>
                                Faça seu <h:outputLink value="/usuario/meu-cadastro.xhtml">login</h:outputLink> ou <h:outputLink value="/cadastro.xhtml">cadastre-se</h:outputLink>
                            </div>
                        </div>
                    </div>
                </h:panelGroup>

também poderia ser com meu usuariocontroller ta assim: 

package br.com.techsquare.controller;

import br.com.techsquare.dao.UsuarioDAO;
import br.com.techsquare.dao.UsuarioDAOImp;
import br.com.techsquare.modelo.Usuario;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.SessionScoped;
import java.util.List;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;

/**
 *
 * @author alan
 */
@ManagedBean
@SessionScoped
public class UsuarioController {

    private Usuario usuario;
    private List<Usuario> usuarios;

    public UsuarioController() {
        try {
            usuario = new Usuario();
            SecurityContext context = SecurityContextHolder.getContext();
            if (context instanceof SecurityContext) {
                Authentication authentication = context.getAuthentication();
                if (authentication instanceof Authentication) {
                    usuario.setUsername(((User) authentication.getPrincipal()).getUsername());
                } else {usuario = null;} //tentei por esses
            } else {usuario = null;} //dois else's e tambem nao deu certo...
        } catch (Exception e) {
        }
    }

//omitido getters and setters

}

porém se eu chamo na tela o #{usuarioController.usuario.username} ele aparece o nome do cara logado!

o que estou fazendo errado?

Alura Desenvolvimento Front-End React Do primeiro componente à liderança técnica! HTML/CSS/JavaScript fundamental, React com hooks e...

3 Respostas

A
alandiniz

se eu estou logado e chamo #{usuarioController.usuario.username} aparece normal…

se eu não estou logado ele da o erro:

123 30/03/2012 22:05:39 com.sun.faces.application.view.FaceletViewHandlingStrategy handleRenderException GRAVE: Error Rendering View[/index.xhtml] javax.el.ELException: /topo.xhtml: Não é possível criar instância para·a classe: br.com.techsquare.controller.UsuarioController. at com.sun.faces.facelets.compiler.TextInstruction.write(TextInstruction.java:90) at com.sun.faces.facelets.compiler.UIInstructions.encodeBegin(UIInstructions.java:82) at com.sun.faces.facelets.compiler.UILeaf.encodeAll(UILeaf.java:183) at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1655) at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1655) at com.sun.faces.application.view.FaceletViewHandlingStrategy.renderView(FaceletViewHandlingStrategy.java:399) at com.sun.faces.application.view.MultiViewHandler.renderView(MultiViewHandler.java:131) at com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:121) at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101) at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:139) at javax.faces.webapp.FacesServlet.service(FacesServlet.java:313) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:304) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:343) at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109) at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:188) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:149) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:224) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:405) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:964) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:515) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:304) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) at java.lang.Thread.run(Thread.java:662) Caused by: com.sun.faces.mgbean.ManagedBeanCreationException: Não é possível criar instância para·a classe: br.com.techsquare.controller.UsuarioController. at com.sun.faces.mgbean.BeanBuilder.newBeanInstance(BeanBuilder.java:193) at com.sun.faces.mgbean.BeanBuilder.build(BeanBuilder.java:102) at com.sun.faces.mgbean.BeanManager.createAndPush(BeanManager.java:409) at com.sun.faces.mgbean.BeanManager.create(BeanManager.java:269) at com.sun.faces.el.ManagedBeanELResolver.resolveBean(ManagedBeanELResolver.java:244) at com.sun.faces.el.ManagedBeanELResolver.getValue(ManagedBeanELResolver.java:116) at com.sun.faces.el.DemuxCompositeELResolver._getValue(DemuxCompositeELResolver.java:176) at com.sun.faces.el.DemuxCompositeELResolver.getValue(DemuxCompositeELResolver.java:203) at org.apache.el.parser.AstIdentifier.getValue(AstIdentifier.java:71) at org.apache.el.parser.AstValue.getValue(AstValue.java:147) at org.apache.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:189) at com.sun.faces.facelets.el.ELText$ELTextVariable.writeText(ELText.java:224) at com.sun.faces.facelets.el.ELText$ELTextComposite.writeText(ELText.java:148) at com.sun.faces.facelets.compiler.TextInstruction.write(TextInstruction.java:85) ... 53 more Caused by: java.lang.ClassCastException: java.lang.String cannot be cast to org.springframework.security.core.userdetails.User at br.com.techsquare.controller.UsuarioController.<init>(UsuarioController.java:33) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:513) at java.lang.Class.newInstance0(Class.java:355) at java.lang.Class.newInstance(Class.java:308) at com.sun.faces.mgbean.BeanBuilder.newBeanInstance(BeanBuilder.java:188) ... 66 more

A
alandiniz

putz ta tenso… num da certo de jeito nenhum :frowning:

G
gabrielfrios

Sobre o valor principal.username, “principal” é o usuario autenticado no contexto do Spring Security, vc pode fazer um cast desse objeto para um objeto do Tipo org.springframework.security.core.userdetails.User do proprio Spring security que tem um atributo username, password, etc…

Veja o que é retornado pelo contexto do Spring no objeto authentication.getPrincipal()
Outra coisa, poste seus arquivos de configuração do Spring (applicationContext.xml, ou o nome que vc deu), pra termos mais detalhes.

Criado 30 de março de 2012
Ultima resposta 9 de abr. de 2012
Respostas 3
Participantes 2

Topicos relacionados

Criação dinâmica de componente de texto em JSF 4 respostas [Resolvido] Erro de mapeamento Hibernate 11 respostas Popular combobox em funçao de outro combobox usando JSP + MySQL 8 respostas Exibir imagem em p:graphicimage 8 respostas URLConnection, como pegar o retorno 14 respostas
Alura Git Flow: entenda o que é, como e quando utilizar Entenda o que é Git Flow, como funciona seu fluxo com branches como Master, Develop, Feature, Release e Hotfix, além de vantagens e desvantagens.
Casa do Codigo Desmistificando WebAssembly: Alta performance,... Por Raphael Amorim — Casa do Codigo