Given a successful credential, OCS has an interceptor that captures the authenticated user through the java.security.Principal
. This interface represents the user that Spring Security has allowed to pass through its authentication process. The following interceptor manages the /ocs/login.html
such that it filters all the request parameters allowed to access the server container:
public class UserSessionData extends HandlerInterceptorAdapter { @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { Principal username = request.getUserPrincipal(); HttpSession currentSession = request.getSession(); currentSession.setAttribute("cartUser", username.getName()); } }