Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

get user info in spring client

I have a spring 3 application that performs user authentication using spring3. On the server side I can access the current user logged in from SecurityContextHolder.getContext(). But I want to access the current user logged in in the client side in my jquery page. does the spring 3 provide any capability for that? Can somebody suggest some thing regarding this please?

Thanks

like image 475
Biggy_java Avatar asked Jul 05 '26 19:07

Biggy_java


1 Answers

As far as I know there is no magic way to expose the principal and authorities to JavaScript in Spring Security.

You can try to do it yourself. Provide a controller that will be responsible for loading the principal and authorities (via SecurityContextHolder) and print them as JSON. Call this controller from within your page and use the result in JS.

From security point of view you cannot trust this info (because user can modify your JS using Chrome inspector for example). You can do two things to make it more secure:

  1. Minify your JS files.
  2. Make sure that all actions taken from JS then will be checked on server side too.

Good luck.

like image 64
Maksym Demidas Avatar answered Jul 07 '26 12:07

Maksym Demidas



Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!