Reputation: 17873
Getting empty or null SecurityContextHolder.getContext().getAuthentication()
I am implementing MyUsernamePasswordAuthenticationFilter extending the default filter.
I have not done anything in it. I am just trying to get the request here to make it simple.
public class MyUsernamePasswordAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
return super.attemptAuthentication(request, response);
}
}
I am passing my username and password parameters in request.
j_username=Test&j_password=Test
I am doing my authentication in Authentication provider
public class MyiAuthenticationProvider
implements AuthenticationProvider
{
public Authentication authenticate(Authentication a)
throws AuthenticationException
{
UsernamePasswordAuthenticationToken auth = (UsernamePasswordAuthenticationToken) a;
System.out.println("The user name is"+ String.valueOf(auth.getPrincipal()));
----
----
}
}
My applicationcontext is like this
<sec:http auto-config="false" entry-point-ref="MyAuthenticationEntryPoint"
create-session="always">
<sec:custom-filter position="FORM_LOGIN_FILTER"
ref="myUsernamePasswordAuthenticationFilter" />
<sec:logout logout-url="/logout" success-handler-ref="MyLogoutSuccessHandler" />
</sec:http>
<bean id="myUsernamePasswordAuthenticationFilter"
class="my.test.site.security.MyUsernamePasswordAuthenticationFilter">
<property name="filterProcessesUrl" value="/login" />
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationFailureHandler" ref="myAuthenticationFailureHandler" />
<property name="authenticationSuccessHandler" ref="myLoginSuccessHandler" />
</bean>
<sec:authentication-manager alias="authenticationManager">
<sec:authentication-provider ref="myAuthenticationProvider" />
</sec:authentication-manager>
<bean id="myAuthenticationProvider" class="my.test.site.security.MyAuthenticationProvider" />
<bean id="myAuthenticationEntryPoint" class="my.test.site.security.MyAuthenticationEntryPoint" />
<bean id="myLoginSuccessHandler" class="my.test.site.security.MyLoginSuccessHandler" />
<bean id="myLogoutSuccessHandler" class="my.test.site.security.MyLogoutSuccessHandler" />
<bean id="myAuthenticationFailureHandler" class="my.test.site.security.MyAuthenticationFailureHandler" />
<bean id="myPreAuthFilter" class="my.test.site.security.MyPreAuthenticationFilter" />
I am getting empty username and password.
Am I missing any configuration?
Upvotes: 0
Views: 2788
Answers (1)
Reputation: 22742
It's not actually true that you haven't done anything, since you're reading the input stream from the request.
If you check the Javadoc for the HttpServletRequest class, this "can interfere with the execution" of the getParameter method.
Normal authentication relies on the use of getParameter, so you shouldn't touch the stream if you want it to work. When processing a request, you should either read it yourself or allow the servlet container to do it and access the parameters using the getParameter method.
Upvotes: 1
Related Questions
- Why SecurityContextHolder.getContext().getAuthentication() returning null value?
- Spring Security getAuthentication() returns null
- SecurityContextHolder.getContext().getAuthentication() returning null
- Spring mvc java.lang.NullPointerException at SecurityContextHolder when trying to get the user
- SecurityContextHolder.getContext().getAuthentication().getCredentials() returns null after authentication
- Why SecurityContextHolder.getContext() == null?
- SecurityContextHolder.getContext().getAuthentication().getPrincipal() is null on Controller
- Spring Security AuthenticationCredentialsNotFoundException, SecurityContextHolder.getContext is null
- SecurityContextHolder.getContext().getAuthentication() returns String
- Spring Security SecurityContextHolder.getContext().getAuthentication() returns null