It's available by HttpServletRequest#getRemoteUser()
which is in JSF context delegated by ExternalContext#getRemoteUser()
.
So, this should do either in the view:
<ui:fragment rendered="#{empty request.remoteUser}">
<p>This is only rendered when someone's NOT logged in.</p>
</ui:fragment>
<ui:fragment rendered="#{not empty request.remoteUser}">
<p>This is only rendered when someone's been logged in.</p>
<p>Welcome, you're logged in as #{request.remoteUser}!</p>
</ui:fragment>
or in the managed bean:
ExternalContext ec = FacesContext.getCurrentInstance().getExternalContext();
String username = ec.getRemoteUser();
// ...
Unrelated to the concrete problem: it's better to get rid of that onsubmit
nonsense and just use plain <form>
instead of <h:form>
.
<form id="login" action="j_security_check">
This way it'll also work on JS-disabled clients.