1

I simply need the name of the currently logged in user. The same that gets displayed in gsp with <sec:username/>. I'm at a loss as to what to do. Here's previous answers and questions - they all seem to require some import and none of the solutions works for me:

Specifically, I want to access the username insides a controller and put it into a variable of a domain instance in order to persist it (alongsides other information) into the database for logging purposes. Insides that controller, there's nothing to be seen that even remotely refers to Person/User classes, spring security or any other thing that sounds like it might do what I intend.

Community
  • 1
  • 1
HumanInDisguise
  • 1,335
  • 4
  • 17
  • 29

2 Answers2

5

You can access the domain object corresponding to the logged-in user using springSecurityService.currentUser, and then fetch the username (or whichever other properties you require) from there. Due to Groovy's dynamic nature you don't need to import the domain class or the SpringSecurityService class to do this, simply using an untyped dependency injection

def springSecurityService

and you can access springSecurityService.currentUser?.username (or whatever).

Though as Burt points out in a comment, if it's only the username you want then it is more efficient to use springSecurityService.authentication.principal.username as this does not need to load the user object from the database. You only need currentUser if you want other properties of the user object aside from the ID or username.

Ian Roberts
  • 120,891
  • 16
  • 170
  • 183
  • 4
    `currentUser` is an expensive way to get the username since it loads the `User` instance from the db. `authentication.principal.username` is lightweight because it's already cached in-memory – Burt Beckwith Jun 02 '15 at 15:44
1

Just figured it out: In the controller, def springSecurityService comes just after the opening bracket of the controller class (that's class YourController {) and the variable assignment looks like this: def username = springSecurityService.authentication.principal.getUsername() - apparently playing around with some code posted here has helped me.

HumanInDisguise
  • 1,335
  • 4
  • 17
  • 29
  • As that command fails if there's noone logged in, I'm now additionally checking for that beforehand, using: `if (springSecurityService.isLoggedIn()) {` - so the code in total is: `String currentUser = "" if (springSecurityService.isLoggedIn()) { currentUser = springSecurityService.authentication.principal.getUsername() }` – HumanInDisguise Jun 10 '15 at 08:40
  • Quite practical as well - if noone is logged in, `springSecurityService.authentication.getPrincipal()` returns the string `anonymousUser` - [for more details, see the comment on SpringSecurityService.groovy lines 54 to 56, just before `getPrincipal()`](https://github.com/grails-plugins/grails-spring-security-core/blob/master/grails-app/services/grails/plugin/springsecurity/SpringSecurityService.groovy) – HumanInDisguise Jun 10 '15 at 08:48