问题
I setup my Spring Security application according to the reference document and after hours of troubleshooting I continue to get a null @AuthenticationPrincipal passed into my controller.
The authentication mechanism is working fine against the users in my database but still a null @AuthenticationPrincipal. I consulted several internet posts including this, and this but still I am getting null.
I am using Spring-Boot 1.2.2 and Spring Security 3.2.6.
Relevant POM:
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.2.2.RELEASE</version>
<relativePath/>
</parent>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
Application:
@SpringBootApplication
public class AuditWebApplication {
// code
}
WebSecurityConfigurerAdapter:
@Configuration
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
@EnableGlobalMethodSecurity(prePostEnabled=true)
@EnableWebMvcSecurity
public class SecurityConfiguration WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.httpBasic()
.and()
.logout()
.logoutSuccessUrl("/#/login")
.and()
.authorizeRequests()
.antMatchers("/index.html", "/views/**", // public side.
"/images/**", "/scripts/**", "/styles/**", "/vendor/**", "/")
.permitAll()
.anyRequest().authenticated().and().csrf()
.csrfTokenRepository(csrfTokenRepository()).and()
.addFilterAfter(csrfHeaderFilter(), SessionManagementFilter.class);
}
UserDetailsService:
@Transactional
@Service
public class UserServiceBean implements UserService {
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
// Custom domain User object, not spring security
User user = userRepository.findByusername(username);
if(user == null) {
throw new UsernameNotFoundException("Unable to load user by username = '" + username + "'");
}
List<UserRole> userRoles = userRoleRepository.findAllByUserId(user.getId());
user.setUserRoles(userRoles);
return new UserRepositoryUserDetails(user);
}
// User here refers to my application's domain User object, not Spring Security
private final static class UserRepositoryUserDetails extends User implements UserDetails {
public UserRepositoryUserDetails(User user) {
super(user);
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
List<String> authoritiesList = new ArrayList<String>();
List<UserRole> userRoles = getUserRoles();
userRoles.forEach((ur) -> {
if(ur.isActive()) {
authoritiesList.add(ur.getRoleDesc());
}
});
String authoritiesString = StringUtils.join(authoritiesList, ',');
return AuthorityUtils.commaSeparatedStringToAuthorityList(authoritiesString);
}
@Override
public String getUsername() {
return getLdapUID();
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return isActive() ;
}
@Override
public String getPassword() {
// fake for now
return "password";
}
}
}
public interface UserService extends UserDetailsService {
// signatures
}
Controller:
import org.springframework.security.web.bind.annotation.AuthenticationPrincipal;
import org.springframework.security.core.userdetails.User;
@RequestMapping(value="/products", method=RequestMethod.GET)
public ResponseEntity<Map<String,Object>> products(@AuthenticationPrincipal User user){
// user is null
}
Relevant Maven Dependency Tree:
[INFO] ------------------------------------------------------------------------
[INFO] Building Web Project 0.0.1-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- maven-dependency-plugin:2.9:tree (default-cli) @ web-build ---
[WARNING] Using Maven 2 dependency tree to get verbose output, which may be inconsistent with actual Maven 3 resolution
[INFO] com.company:web-build:jar:0.0.1-SNAPSHOT
[INFO] +- com.company:common-build:jar:0.0.1-SNAPSHOT:compile
[INFO] | +- (org.springframework.boot:spring-boot-starter-aop:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] | \- (org.springframework.boot:spring-boot-starter-security:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] +- com.company:data-build:jar:0.0.1-SNAPSHOT:compile
[INFO] | +- (com.company:common-build:jar:0.0.1-SNAPSHOT:compile - omitted for duplicate)
[INFO] | +- (org.springframework.boot:spring-boot-starter-security:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] | +- (org.springframework.boot:spring-boot-starter-jdbc:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] | +- (org.springframework.boot:spring-boot-starter-aop:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] | +- com.fasterxml.jackson.core:jackson-annotations:jar:2.4.5:compile
[INFO] | +- (org.apache.commons:commons-lang3:jar:3.3.2:compile - omitted for duplicate)
[INFO] | \- org.springframework.boot:spring-boot-starter-jetty:jar:1.2.2.RELEASE:compile
[INFO] | +- org.eclipse.jetty:jetty-jsp:jar:9.2.9.v20150224:compile
[INFO] | | +- org.eclipse.jetty.toolchain:jetty-schemas:jar:3.1.M0:compile
[INFO] | | +- javax.servlet:javax.servlet-api:jar:3.1.0:compile
[INFO] | | +- javax.servlet.jsp:javax.servlet.jsp-api:jar:2.3.1:compile
[INFO] | | +- org.glassfish.web:javax.servlet.jsp:jar:2.3.2:compile
[INFO] | | | +- (org.glassfish:javax.el:jar:3.0.0:compile - omitted for duplicate)
[INFO] | | | \- (javax.servlet.jsp:javax.servlet.jsp-api:jar:2.3.1:compile - omitted for duplicate)
[INFO] | | +- org.eclipse.jetty.orbit:javax.servlet.jsp.jstl:jar:1.2.0.v201105211821:compile
[INFO] | | +- org.glassfish.web:javax.servlet.jsp.jstl:jar:1.2.2:compile
[INFO] | | +- org.glassfish:javax.el:jar:3.0.0:compile
[INFO] | | \- org.eclipse.jetty.orbit:org.eclipse.jdt.core:jar:3.8.2.v20130121:compile
[INFO] | +- org.eclipse.jetty:jetty-webapp:jar:9.2.9.v20150224:compile
[INFO] | | +- org.eclipse.jetty:jetty-xml:jar:9.2.9.v20150224:compile
[INFO] | | | \- org.eclipse.jetty:jetty-util:jar:9.2.9.v20150224:compile
[INFO] | | \- org.eclipse.jetty:jetty-servlet:jar:9.2.9.v20150224:compile
[INFO] | | \- org.eclipse.jetty:jetty-security:jar:9.2.9.v20150224:compile
[INFO] | | \- org.eclipse.jetty:jetty-server:jar:9.2.9.v20150224:compile
[INFO] | | +- (javax.servlet:javax.servlet-api:jar:3.1.0:compile - omitted for duplicate)
[INFO] | | +- (org.eclipse.jetty:jetty-http:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] | | \- (org.eclipse.jetty:jetty-io:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] | +- org.eclipse.jetty.websocket:websocket-server:jar:9.2.9.v20150224:compile
[INFO] | | +- org.eclipse.jetty.websocket:websocket-common:jar:9.2.9.v20150224:compile
[INFO] | | | +- org.eclipse.jetty.websocket:websocket-api:jar:9.2.9.v20150224:compile
[INFO] | | | +- (org.eclipse.jetty:jetty-util:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] | | | \- org.eclipse.jetty:jetty-io:jar:9.2.9.v20150224:compile
[INFO] | | | \- (org.eclipse.jetty:jetty-util:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] | | +- org.eclipse.jetty.websocket:websocket-client:jar:9.2.9.v20150224:compile
[INFO] | | | +- (org.eclipse.jetty:jetty-util:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] | | | +- (org.eclipse.jetty:jetty-io:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] | | | \- (org.eclipse.jetty.websocket:websocket-common:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] | | +- org.eclipse.jetty.websocket:websocket-servlet:jar:9.2.9.v20150224:compile
[INFO] | | | +- (org.eclipse.jetty.websocket:websocket-api:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] | | | \- (javax.servlet:javax.servlet-api:jar:3.1.0:compile - omitted for duplicate)
[INFO] | | +- (org.eclipse.jetty:jetty-servlet:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] | | \- org.eclipse.jetty:jetty-http:jar:9.2.9.v20150224:compile
[INFO] | | \- (org.eclipse.jetty:jetty-util:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] | \- org.eclipse.jetty.websocket:javax-websocket-server-impl:jar:9.2.9.v20150224:compile
[INFO] | +- org.eclipse.jetty:jetty-annotations:jar:9.2.9.v20150224:compile
[INFO] | | +- org.eclipse.jetty:jetty-plus:jar:9.2.9.v20150224:compile
[INFO] | | | +- (org.eclipse.jetty:jetty-webapp:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] | | | \- org.eclipse.jetty:jetty-jndi:jar:9.2.9.v20150224:compile
[INFO] | | | \- (org.eclipse.jetty:jetty-util:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] | | +- (org.eclipse.jetty:jetty-webapp:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] | | +- javax.annotation:javax.annotation-api:jar:1.2:compile
[INFO] | | +- org.ow2.asm:asm:jar:5.0.1:compile
[INFO] | | \- org.ow2.asm:asm-commons:jar:5.0.1:compile
[INFO] | | \- org.ow2.asm:asm-tree:jar:5.0.1:compile
[INFO] | | \- (org.ow2.asm:asm:jar:5.0.1:compile - omitted for duplicate)
[INFO] | +- org.eclipse.jetty.websocket:javax-websocket-client-impl:jar:9.2.9.v20150224:compile
[INFO] | | +- (org.eclipse.jetty.websocket:websocket-client:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] | | \- (javax.websocket:javax.websocket-api:jar:1.0:compile - omitted for duplicate)
[INFO] | +- (org.eclipse.jetty.websocket:websocket-server:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] | \- javax.websocket:javax.websocket-api:jar:1.0:compile
[INFO] +- org.springframework.boot:spring-boot-starter-security:jar:1.2.2.RELEASE:compile
[INFO] | +- org.springframework.boot:spring-boot-starter:jar:1.2.2.RELEASE:compile
[INFO] | | +- org.springframework.boot:spring-boot:jar:1.2.2.RELEASE:compile
[INFO] | | | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | | \- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | +- org.springframework.boot:spring-boot-autoconfigure:jar:1.2.2.RELEASE:compile
[INFO] | | | +- (org.springframework.boot:spring-boot:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] | | | \- org.yaml:snakeyaml:jar:1.14:compile
[INFO] | | +- org.springframework.boot:spring-boot-starter-logging:jar:1.2.2.RELEASE:compile
[INFO] | | | +- org.slf4j:jcl-over-slf4j:jar:1.7.10:compile
[INFO] | | | | \- org.slf4j:slf4j-api:jar:1.7.10:compile (version managed from 1.7.6)
[INFO] | | | +- org.slf4j:jul-to-slf4j:jar:1.7.10:compile
[INFO] | | | | \- (org.slf4j:slf4j-api:jar:1.7.10:compile - version managed from 1.7.6; omitted for duplicate)
[INFO] | | | +- org.slf4j:log4j-over-slf4j:jar:1.7.10:compile
[INFO] | | | | \- (org.slf4j:slf4j-api:jar:1.7.10:compile - version managed from 1.7.6; omitted for duplicate)
[INFO] | | | \- ch.qos.logback:logback-classic:jar:1.1.2:compile
[INFO] | | | +- ch.qos.logback:logback-core:jar:1.1.2:compile
[INFO] | | | \- (org.slf4j:slf4j-api:jar:1.7.10:compile - version managed from 1.7.6; omitted for duplicate)
[INFO] | | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | \- (org.yaml:snakeyaml:jar:1.14:compile - scope updated from runtime; omitted for duplicate)
[INFO] | +- org.springframework:spring-beans:jar:4.1.5.RELEASE:compile
[INFO] | | \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | +- org.springframework:spring-context:jar:4.1.5.RELEASE:compile
[INFO] | | +- (org.springframework:spring-aop:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | \- (org.springframework:spring-expression:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | +- org.springframework:spring-core:jar:4.1.5.RELEASE:compile
[INFO] | +- org.springframework:spring-expression:jar:4.1.5.RELEASE:compile
[INFO] | | \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | +- org.springframework:spring-web:jar:4.1.5.RELEASE:compile (version managed from 3.2.8.RELEASE)
[INFO] | | +- (org.springframework:spring-aop:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | +- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | +- org.springframework.security:spring-security-config:jar:3.2.6.RELEASE:compile
[INFO] | | +- aopalliance:aopalliance:jar:1.0:compile
[INFO] | | +- org.springframework.security:spring-security-core:jar:3.2.6.RELEASE:compile
[INFO] | | | +- (aopalliance:aopalliance:jar:1.0:compile - omitted for duplicate)
[INFO] | | | +- (org.springframework:spring-aop:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | | +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | | +- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | | \- (org.springframework:spring-expression:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | +- (org.springframework:spring-aop:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | +- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | +- org.springframework.security:spring-security-web:jar:3.2.6.RELEASE:compile
[INFO] | | +- (aopalliance:aopalliance:jar:1.0:compile - omitted for duplicate)
[INFO] | | +- (org.springframework.security:spring-security-core:jar:3.2.6.RELEASE:compile - omitted for duplicate)
[INFO] | | +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | +- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | +- (org.springframework:spring-expression:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | \- (org.springframework:spring-web:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | \- org.springframework:spring-aop:jar:4.1.5.RELEASE:compile
[INFO] | +- (aopalliance:aopalliance:jar:1.0:compile - omitted for duplicate)
[INFO] | +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] +- org.springframework.boot:spring-boot-starter-web:jar:1.2.2.RELEASE:compile
[INFO] | +- (org.springframework.boot:spring-boot-starter:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] | +- org.springframework.boot:spring-boot-starter-tomcat:jar:1.2.2.RELEASE:compile
[INFO] | | +- org.apache.tomcat.embed:tomcat-embed-core:jar:8.0.20:compile
[INFO] | | +- org.apache.tomcat.embed:tomcat-embed-el:jar:8.0.20:compile
[INFO] | | +- org.apache.tomcat.embed:tomcat-embed-logging-juli:jar:8.0.20:compile
[INFO] | | \- org.apache.tomcat.embed:tomcat-embed-websocket:jar:8.0.20:compile
[INFO] | | \- (org.apache.tomcat.embed:tomcat-embed-core:jar:8.0.20:compile - omitted for duplicate)
[INFO] | +- com.fasterxml.jackson.core:jackson-databind:jar:2.4.5:compile
[INFO] | | +- (com.fasterxml.jackson.core:jackson-annotations:jar:2.4.5:compile - version managed from 2.4.0; omitted for duplicate)
[INFO] | | \- com.fasterxml.jackson.core:jackson-core:jar:2.4.5:compile
[INFO] | +- org.hibernate:hibernate-validator:jar:5.1.3.Final:compile
[INFO] | | +- javax.validation:validation-api:jar:1.1.0.Final:compile
[INFO] | | +- org.jboss.logging:jboss-logging:jar:3.1.3.GA:compile
[INFO] | | \- com.fasterxml:classmate:jar:1.0.0:compile
[INFO] | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | +- (org.springframework:spring-web:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | \- org.springframework:spring-webmvc:jar:4.1.5.RELEASE:compile
[INFO] | +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | +- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | +- (org.springframework:spring-expression:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | \- (org.springframework:spring-web:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] +- org.springframework.boot:spring-boot-starter-jdbc:jar:1.2.2.RELEASE:compile
[INFO] | +- (org.springframework.boot:spring-boot-starter:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | +- org.springframework:spring-jdbc:jar:4.1.5.RELEASE:compile
[INFO] | | +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | \- (org.springframework:spring-tx:jar:4.1.5.RELEASE:compile - omitted for duplicate)
[INFO] | +- org.apache.tomcat:tomcat-jdbc:jar:8.0.20:compile
[INFO] | | \- org.apache.tomcat:tomcat-juli:jar:8.0.20:compile
[INFO] | \- org.springframework:spring-tx:jar:4.1.5.RELEASE:compile
[INFO] | +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] +- org.springframework.boot:spring-boot-starter-aop:jar:1.2.2.RELEASE:compile
[INFO] | +- (org.springframework.boot:spring-boot-starter:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] | +- (org.springframework:spring-aop:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | +- org.aspectj:aspectjrt:jar:1.8.5:compile
[INFO] | \- org.aspectj:aspectjweaver:jar:1.8.5:compile
[INFO] +- org.apache.commons:commons-lang3:jar:3.3.2:compile
[INFO] +- commons-beanutils:commons-beanutils:jar:1.9.2:compile
[INFO] | \- commons-collections:commons-collections:jar:3.2.1:compile
[INFO] +- org.springframework.boot:spring-boot-starter-test:jar:1.2.2.RELEASE:test
[INFO] | +- junit:junit:jar:4.12:test
[INFO] | | \- (org.hamcrest:hamcrest-core:jar:1.3:test - version managed from 1.1; omitted for duplicate)
[INFO] | +- org.mockito:mockito-core:jar:1.10.19:test
[INFO] | | +- (org.hamcrest:hamcrest-core:jar:1.3:test - version managed from 1.1; omitted for duplicate)
[INFO] | | \- org.objenesis:objenesis:jar:2.1:test
[INFO] | +- org.hamcrest:hamcrest-core:jar:1.3:test
[INFO] | +- org.hamcrest:hamcrest-library:jar:1.3:test
[INFO] | | \- (org.hamcrest:hamcrest-core:jar:1.3:test - version managed from 1.1; omitted for duplicate)
[INFO] | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:test - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | \- org.springframework:spring-test:jar:4.1.5.RELEASE:test
[INFO] | \- (org.springframework:spring-core:jar:4.1.5.RELEASE:test - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] +- org.springframework.boot:spring-boot-starter-actuator:jar:1.2.2.RELEASE:compile
[INFO] | +- (org.springframework.boot:spring-boot-starter:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] | +- org.springframework.boot:spring-boot-actuator:jar:1.2.2.RELEASE:compile
[INFO] | | +- (org.springframework.boot:spring-boot:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] | | +- (org.springframework.boot:spring-boot-autoconfigure:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] | | +- (com.fasterxml.jackson.core:jackson-databind:jar:2.4.5:compile - omitted for duplicate)
[INFO] | | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | | \- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] | \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] +- org.flywaydb:flyway-core:jar:3.1:compile
[INFO] +- org.mockito:mockito-all:jar:1.10.19:compile
[INFO] +- com.h2database:h2:jar:1.4.185:compile
[INFO] +- mysql:mysql-connector-java:jar:5.1.34:compile
[INFO] +- org.codehaus.janino:janino:jar:2.6.1:compile
[INFO] | \- org.codehaus.janino:commons-compiler:jar:2.6.1:compile
[INFO] +- org.apache.poi:poi:jar:3.10-FINAL:compile
[INFO] | \- commons-codec:commons-codec:jar:1.5:compile
[INFO] +- org.apache.poi:poi-ooxml:jar:3.10-FINAL:compile
[INFO] | +- (org.apache.poi:poi:jar:3.10-FINAL:compile - omitted for duplicate)
[INFO] | +- org.apache.poi:poi-ooxml-schemas:jar:3.10-FINAL:compile
[INFO] | | \- org.apache.xmlbeans:xmlbeans:jar:2.3.0:compile
[INFO] | | \- stax:stax-api:jar:1.0.1:compile
[INFO] | \- dom4j:dom4j:jar:1.6.1:compile
[INFO] | \- xml-apis:xml-apis:jar:1.0.b2:compile
[INFO] \- org.scala-lang:scala-library:jar:2.10.4:compile
回答1:
Pls try this :-
a) Change
@Autowired
private UserDetailsService userDetailsService;
To
@Autowired
private UserServiceBean userDetailsService;
b) Use @Service here
@Service
public class UserServiceBean implements UserService {
c) Change @AuthenticationPrincipal User user to @AuthenticationPrincipal UserDetails userDetails
回答2:
The type in the controller needs to match with the type that you return from the UserDetailsService
.
The Javadoc explicitly states:
If the types do not match,
null
will be returned unlessAuthenticationPrincipal.errorOnInvalidType()
istrue
in which case aClassCastException
will be thrown.
Pretty strange that the error is not the default.
来源:https://stackoverflow.com/questions/32686587/null-authenticationprincipal-with-spring-boot-security