| Home > FAQs > How do I obtain security details (JAAS) | 
You can obtain the UserPrincipal and other security details by going through the request or implementing PrincipalAware. Implementing PrincipalAware is preferred.
First obtain the HttpServletRequest and then obtain the security Principal.
HttpServletRequest request = ServletActionContext.getRequest();
String authType = request.getAuthType();         // http or https
String user = request.getRemoteUser();           // the user principal (in string)
Principalprincipal = request.getUserPrincipal(); // get a Principal object
bool isAuth = request.isUserInRole("patrick");
 Preferred
 Preferred
servlet-config Interceptor is included in the Action's stack.
	 The default stack already includes
 The default stack already includes servlet-config.setPrincipalProxy(PrincipalProxy) method. You may wish to include a companion getPrincipalProxy method.isUserInRole, getUserPrincipal(), getRemoteUser(), isRequestSecure(), and so forth.@see org.apache.struts.action2.interceptor.PrincipalProxy
@see org.apache.struts.action2.interceptor.PrincipalAware
@see org.apache.struts.action2.interceptor.ServletConfigInterceptor