Package org.springframework.security.core.annotation

Annotation Interface AuthenticationPrincipal

@Target({PARAMETER,ANNOTATION_TYPE})
@Retention(RUNTIME)
@Documented
public @interface AuthenticationPrincipal

Annotation that is used to resolve Authentication.getPrincipal() to a method argument.

Since:

4.0 See: AuthenticationPrincipalArgumentResolver

Optional Element Summary

Optional Elements

Modifier and Type	Optional Element	Description
boolean	errorOnInvalidType	True if a ClassCastException should be thrown when the current Authentication.getPrincipal() is the incorrect type.
String	expression	If specified will use the provided SpEL expression to resolve the principal.

Element Details

errorOnInvalidType

boolean errorOnInvalidType

True if a ClassCastException should be thrown when the current Authentication.getPrincipal() is the incorrect type. Default is false.

Returns:

Default:

false

expression

String expression

If specified will use the provided SpEL expression to resolve the principal. This is convenient if users need to transform the result.

For example, perhaps the user wants to resolve a CustomUser object that is final and is leveraging a UserDetailsService. This can be handled by returning an object that looks like:

 public class CustomUserUserDetails extends User {
     // ...
     public CustomUser getCustomUser() {
         return customUser;
     }
 }
 

Then the user can specify an annotation that looks like:

 @AuthenticationPrincipal(expression = "customUser")
 

Returns:

the expression to use.

Default:

""