My solution is do not query User object from persistence layer instead of retrieve from spring-security directly:
Code:@Override
public User getCurrentAuditor() {
User auditor;
Authentication authentication = SecurityContextHolder.getContext()
.getAuthentication();
if (authentication != null) {
Object principal = authentication.getPrincipal();
if (principal instanceof User) {
auditor = (User) principal;
} else {
auditor = null;
log.warn("The principal is not a user.");
}
} else {
auditor = null;
}
return auditor;
}
