How do I set a session variable(an int for the User's ID) after a person logs in using j_security_check in a Java servlet?

Question

I want to store the the user's ID in a session variable to use across the application. I don't see how I'd do that with the default security feature? It authenticates itself and I don't know (if) there is a callback function or something? That we can use to do our house-keeping

Any help is deeply appreciated

BalusC · Accepted Answer · 2010-11-23T03:31:15.227

1

You can use a Filter for this which checks if the user is logged in by container managed security (i.e. HttpServletRequest#getUserPrincipal() doesn't return null) and then sets the session variable if not present.

Basically:

if (request.getUserPrincipal() != null && session.getAttribute("user") == null) {
    session.setAttribute("userId", userId);
}

However, maybe you don't need to do it at all since it proves that you aren't aware about HttpServletRequest#getUserPrincipal(). It may namely already offer exactly the information you need. The login username (it may be the same as the user ID where you're talking about) is available by Principal#getName().

edited Nov 23 '10 at 03:31

answered Nov 23 '10 at 03:08

BalusC

1,082,665
372
3,610
3,555

Yes the book I was referring to does not go into that. Most of my sql queries have foreign keys with the users ID so thats why I wanted to do it. I get the idea though, filter that sets the users id. Thanks i'll look into it – JSPer Nov 23 '10 at 06:41

How do I set a session variable(an int for the User's ID) after a person logs in using j_security_check in a Java servlet?

1 Answers1