spring mvc - SecurityContextHolder.getContext().getAuthentication().getPrincipal() is null on Controller -


i have spring mvc application i'm exposing endpoint, , small library wrote common functionality.

i have utility class this:

class securityutil {     public static principal getprincipal(){        return securitycontextholder.getcontext().getauthentication()               .getprincipal();     }  }

and controller i'm doing like:

 class mycontroller {        public responseentity<void> myendpoint(){            //            principal principal = securityutil.getprincipal();            // use principal information audit processes       }  }

in case principal null, if replace code this:

 class mycontroller {        public responseentity<void> myendpoint(){            //            principal principal = securitycontextholder.getcontext()                                                       .getauthentication()                                                       .getprincipal();            // use principal information audit processes       }  }

in case principal not null , has information need.
know happening?

i going through same problem , have solved in following manner.

create userservice interface

public interface userservice {     string getloggedinusername();     user getloggedinuser(); }

provide implementation userservice, however, can without creating interface , creating userservice class.

@service public class userserviceimpl implements userservice {       private static log log = logfactory.getlog(userserviceimpl.class);      @override     public string getloggedinusername() {         try {             return getloggedinuser().getusername();         } catch (exception ex) {             throw new usernamenotfoundexception("please log in", ex);         }     }      @override     public user getloggedinuser() {         authentication authentication = securitycontextholder.getcontext().getauthentication();          if (authentication.getprincipal() instanceof user) {             return (user) authentication.getprincipal();         } else {             throw new usernamenotfoundexception("user not authenticated; found " + authentication.getprincipal() + " of type " + authentication.getprincipal().getclass() + "; expected type user");         }     }  }

and calling userservice.getloggedinusername() auto wiring userservice

@autowired userservice userservice

update: if getting them in controller can pass principal principal method argument controller method instead of getting security context. auto-wired controller automatically , later on can pass service methods. way considered practice spring mvc, getting principal security context in service layer

@requestmapping(value = "/myendpoint", method = get) public responseentity<void> myendpoint(principal principal){    //    // use principal information audit processes }

Comments

Post a Comment

Popular posts from this blog

Is there a better way to structure post methods in Class Based Views -

i'm using class based views in django , never specify url in ajax calls , omit action parameter in form because know these requests go through post method of class based view. notice view - profile page make many requests depending on user updating on page - post method become convoluted , if/else mess example: def post(self, request, *args, **kwargs): # handle user changing available date if request.post.get('availabledate') != none: self.updateavailabledate(request) return jsonresponse({'result':'success'}) if request.post.get('newprojectname') != none: creative_user = creativeuserprofile.objects.get(id = request.user.id) project = project.create_project(creative_user, request.post['newprojectname']) project.save() return jsonresponse({'projectid': project.id }) if request.post.get('projectimage') != none , request.files['file']: proj
Read more

performance - Why is XCHG reg, reg a 3 micro-op instruction on modern Intel architectures? -

i'm doing micro-optimization on performance critical part of code , came across sequence of instructions (in at&t syntax): add %rax, %rbx mov %rdx, %rax mov %rbx, %rdx i thought had use case xchg allow me shave instruction , write: add %rbx, %rax xchg %rax, %rdx however, dimay found agner fog's instruction tables , xchg 3 micro-op instruction 2 cycle latency on sandy bridge, ivy bridge, broadwell, haswell , skylake. 3 whole micro-ops , 2 cycles of latency! 3 micro-ops throws off 4-1-1-1 cadence , 2 cycle latency makes worse original in best case since last 2 instructions in original might execute in parallel. now... cpu might breaking instruction micro-ops equivalent to: mov %rax, %tmp mov %rdx, %rax mov %tmp, %rdx where tmp anonymous internal register , suppose last 2 micro-ops run in parallel latency 2 cycles. given register renaming occurs on these micro-architectures, though, doesn't make sense me done way. why wouldn't register renamer
Read more

jquery - Responsive Navbar with Sub Navbar -

good day, forgive me nav vocabulary not best. if question confusing apologize. i'm working on navigation bar needs centered on page @ 768px , above. items in nav open (or perhaps toggle) subnav lives directly below. these nav should appear centered on page. i have been able work through responsive portion of nav bar, having main items align vertically , sub nav menu of each item roll out below, , gave them indent separation. working well. however, issue not responsive side, behavior @ width greater 768px. happens toggling menu's sub navigation pushes other main items down page below sub nav. here's code: $(document).ready(function () { //stick in fixed 100% height behind navbar don't wrap $('#slide-nav.navbar-inverse').after($('<div class="inverse" id="navbar-height-col"></div>')); $('#slide-nav.navbar-default').after($('<div id="navbar-height-col"></d
Read more