Thanks Ben, I have taken the 2nd approach. i.e have another method on the interface called UserInfo that contains all info sans the password. However, I think that this becomes a bit messy (imo :)) . What I was thinking was :
Since getPrincipal already has a signature of Object, why can't it be allowed to store the user object sans password instead of only the user name as string. Then in my provider, I can prepare my user object in anyway I like, whether it be string (user name) or an object with some info and then cast it accordingly in my view . Just my 2 cents!! Thanks Shishir -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ben Alex Sent: Monday, June 07, 2004 2:39 AM To: [EMAIL PROTECTED] Subject: RE: [Acegisecurity-developer] Custom attributes on User Object Hi Shishir > How do I access some attributes (like email Id's etc )on the my User > object in addition to the userName, password and granted authorities > as existing on the ACEIG User object, . > Right now, I am querying the database and getting my User object > separate from the Authentication object of ACEIG, but I feel that this > is not the right way to do it. > > Is there a way out. The way I do it is subclass User and make an ExtendedUser. My ExtendedUser has a salt property, so that ReflectionSaltSource can be used. But anyway, back to your question.... You'll need to modify your AuthenticationDao.loadUserByUsername(String) method to return your ExtendedUser instead of the normal User. If you're interested in this from an event logging perspective, the User is available inside the AuthenticationEvent. So it's a simple matter of casting to ExtendedUser and accessing your properties. If you're interested in this from a non-event logging perspective (eg you want email Ids etc available during web view rendering via the ContextHolder etc), you'll need to generate your own Authentication object. The most elegant way of doing this would be to make an Authentication object that has a property for the User. That way any extensions to User (like ExtendedUser) would be available in web views etc. So your code would be something like: ((ExtendedUser) ((ExtendedAuthentication) ((SecureContext) ContextHolder.getContext()).getAuthentication()).getUser()).getEmail().I f people think this is of interest, please let me know. HTH Ben ------------------------------------------------------- This SF.Net email is sponsored by the new InstallShield X. >From Windows to Linux, servers to mobile, InstallShield X is the one installation-authoring solution that does it all. Learn more and evaluate today! http://www.installshield.com/Dev2Dev/0504 _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer ------------------------------------------------------- This SF.Net email is sponsored by the new InstallShield X. >From Windows to Linux, servers to mobile, InstallShield X is the one installation-authoring solution that does it all. Learn more and evaluate today! http://www.installshield.com/Dev2Dev/0504 _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
