'Pass of user details from Spring security config to Controller Class

Suggestion required after authentication from security config needs to pass the every user details to the APIs request.

spring-security


Solution 1:[1]

The idea is that you can customise your authentication process such that after successful authentication , it will store the user object inside Authentication which can be retrieved by calling Authentication.getPrincipal().

Then in the controller method , you can access the user object representing the current user by :

//You have cast the user to the type of the user that you customzie manually   
MyCustomUser user = (MyCustomUser) SecurityContextHolder.getContext().getAuthentication().getPrincipal();

Or use @AuthenticationPrincipal to access it :

@GetMapping("/foo")
public String getFoo(@AuthenticationPrincipal MyCustomUser user) {

    
}

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Ken Chan

Related Questions

How to return 404 for pages that do not exist when using Grails Spring Security Plugin

spring sas 0.2.0 access_token throw 'Access is denied'

AuthenticationSuccessEvent never fired

Spring Security: How to use a UserDetailsService with JwtAuthenticationProvider?

@EventListener for AuthenticationSuccessEvent or InteractiveAuthenticationSuccessEvent not fired

CookieCsrfTokenRepository allows the client to create its own Csrf Tokens

Authorization Header not getting displayed in CURL springdoc-openapi-ui

Getting 404 error in spring boot even though method is logging statements

Consider defining a bean of type 'org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository' in your configuration

Customizing the TokenEndpoint in spring security OAuth2

Swagger UI being blocked by Spring Security

Spring boot security, always redirects to login page, if navigate through address bar

How does SecurityContextHolder.getContext().getAuthentication() work?

automatically redirect to login page after session timeout - JSP, Spring

Spring security - Disable logout redirect