How to display current logged-in user's information in all templates including view managed by WebMvcConfigurerAdapter in Spring Security application
Solution 1
It's quite easy to accomplish this, thanks to a hint from Balaji Krishnan.
Basically, I had to add the Thymeleaf Spring Security integration module to my build.gradle file as follows:
compile("org.thymeleaf.extras:thymeleaf-extras-springsecurity3")
Then in my template I just used the following markup:
<span th:text ="${#authentication.getPrincipal().getUser().getFirstName()}"></span>
Solution 2
When using Spring Security 4 and Thymeleaf 3:
<span th:text="${#authentication.getPrincipal().getUsername()}"></span>
Solution 3
When using Spring boot 2.2.1.
For the maven, Add these lines to the pom.xml
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity5</artifactId>
</dependency>
In the thymeleaf
<span th:text="${#authentication.getPrincipal().getUsername()}"></span>
<span th:text="${#authentication.getPrincipal().authorities}"></span>
Solution 4
This construct is working for me (spring boot 1.5 and 2.0/thymeleaf 3):
It is documented here (bottom of the page) Thymeleaf + Spring Security integration basics
Logged user: <span sec:authentication="name">Bob</span>
Don´t forget to include the sec tag in the html section of your view:
<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org"
xmlns:sec="http://www.thymeleaf.org/extras/spring-security">
<head>
</head>
<body>
I hope this helps!
Have a nice day!
Thomas
Solution 5
For me, When using Spring boot 2.1.2 I need to use the following
<span th:text="${#authentication.getPrincipal()}"></span> <!-- No ".getUsername()"-->
With thymeleaf-extras-springsecurity5
Dee
Updated on April 12, 2020Comments
-
Dee about 4 years
I have a Spring Boot application that uses Spring Security and Thymeleaf template. I am trying to display the logged-in user's first name and last name in a template when the controller is managed by a subclass of WebConfigurerAdapter.
So, say my WebConfigurerAdapter subclass looks like this
@Configuration public class MvcConfig extends WebMvcConfigurerAdapter{ @Override public void addViewControllers(ViewControllerRegistry registry){ registry.addViewController("/some-logged-in-page").setViewName("some-logged-in-page"); registry.addViewController("/login").setViewName("login"); } .... }
My User entity class looks like this
@Entity @Table(name = "user") public class User { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "id", nullable = false, updatable = false) private Long id; @Column(name="first_name", nullable = false) private String firstName; public String getFirstName() { return firstName; } ... }
In my template, I have tried using code like
<div sec:authentication="firstName"></div>
But it didn't work.
I know it is possible to use a ControllerAdvise as follows:
@ControllerAdvice public class CurrentUserControllerAdvice { @ModelAttribute("currentUser") public UserDetails getCurrentUser(Authentication authentication) { return (authentication == null) ? null : (UserDetails) authentication.getPrincipal(); } }
and then access the details in the template using code like:
<span th:text ="${currentUser.getUser().getFirstName()}"></span>
But this doesn't work with any view controller registered with my class MvcConfig. Rather I will need to make sure each of my controllers are separate classes.
So, could someone kindly point me to a way to automatically insert the logged-in user details to my view, e.g. some-logged-in-page.html in this example? Thanks
-
Rashid almost 7 yearsexplain more about your answer
-
Scaramouche over 5 yearsdo you know of a way to do so with the user's role? like
<span sec:authentication="role">Bob</span>
-
Thomas Lang over 5 yearsSure. Just use this:
<span sec:authentication="principal.authorities">[ROLE_USER, ROLE_ADMIN]</span>
that should do the trick. Here are some hints to find: spring security thymeleaf. I hope this helps.