CODEWITHSUNDEEP
spring-securityspring-webflux
ooomid
ooomid

Reputation: 223

How to access ReactiveSecurityContextHolder from ExceptionResolver?

I understand that in order to keep the context, the reactive chain of methods must not be broken. However, I need to get access to the context from the ExceptionResolver (after an exception has been thrown.)

My exception resolver is extending AbstractErrorWebExceptionHandler and when I try to get the context via ReactiveSecurityContextHolder.getContext() it returns empty. Obviously because the reactive chain has been broken.

How can I get access to the authentication object?

Upvotes: 0

Views: 613

Answers (1)

Larisa
Larisa

Reputation: 56

You can get access to the authentication object by overriding the handle method:

public class TestHandler extends AbstractErrorWebExceptionHandler {

    public TestHandler(ErrorAttributes errorAttributes, ResourceProperties resourceProperties,
                       ApplicationContext applicationContext) {
        super(errorAttributes, resourceProperties, applicationContext);
    }

    @Override
    protected RouterFunction<ServerResponse> getRoutingFunction(ErrorAttributes errorAttributes) {
        return null;
    }

    @Override
    public Mono<Void> handle(ServerWebExchange exchange, Throwable throwable) {
        Mono<Principal> authObject = exchange.getPrincipal();
        //Handle exception here
        return exchange.getResponse().setComplete();
    }
}

Another approach is to implement the ErrorWebExceptionHandler directly:

public class TestHandler implements ErrorWebExceptionHandler {

    @Override
    public Mono<Void> handle(ServerWebExchange serverWebExchange, Throwable throwable) {
        Mono<Principal> authObject = serverWebExchange.getPrincipal();
        //Handle exception here
        return serverWebExchange.getResponse().setComplete();
    }
}

Upvotes: 1

Related Questions