10

How do I get access to HttpServletRequest within a custom AuthenticationProvider. I have tried doing this

RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();

HttpServletRequest request = ((ServletRequestAttributes) requestAttributes).getRequest();
String username = (String) httpReq.getAttribute("j_username");

OR

RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
HttpServletRequest httpReq = ((ServletRequestAttributes)RequestContextHolder.currentRequestAttributes()).getRequest();

String username = (String) httpReq.getAttribute("j_username");

i am getting username null

but RequestContextHolder.getRequestAttributes(); returns null.

I want to reference the requestcontext, pass it in, or have Spring do its Magic so I can reference it.

I am also giving the RequestContextListener in my web.xml

  <listener>
    <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
  </listener>

I have searched the security forum but still havent found anything yet.

Thanks in advance.

Improve this question
3
  • Shouldn't those credentials be contained within the Authentication object? static.springsource.org/spring-security/site/docs/3.0.x/apidocs/… Commented Jul 5, 2012 at 18:09
  • Dardo is correct. I think you should probably look at some basic samples and read some of the documentation, then explain in more detail what you are trying to achieve, because I can't think of a valid reason for trying to access the username in this way. Commented Jul 8, 2012 at 14:26
  • 2
    The credentials will indeed be in the Authentication object. However, I'm also looking for a solution. I too need to access the request but for another reason. In my app the URL plays a role in the authentication. Any ideas on how to get it in this class? Commented Apr 20, 2014 at 8:27

3 Answers 3

Reset to default
9

I just added the listener to my web.xml and RequestContextHolder.getRequestAttributes() returns the RequestAttributes instead of null.

<listener>
  <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>

If you want to customize you login form, why you don't extend this filter: org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

I've tested on 3.3 version.

  1. Add RequestContextFilter
.addFilterBefore(new RequestContextFilter(), myFilter)
  1. Register RequestContextListener
@Configuration
public class WebConfig {

    @Bean
    RequestContextListener requestContextListener() {
        return new RequestContextListener();
    }
}

It's the same method as the answer above, but it uses java configuration.

Improve this answer

Comments

-3

Use request.getParameter("j_username"); instead of request.getAttribute("j_username");

It works for me. See if it helps you.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.