Thanks for getting back quickly - it does not seem right that you assume that the pre-authenticated principal is a String - switching the equals check so that you have !principal.equals(currentUser)...
Type: Posts; User: mellster; Keyword(s):
Thanks for getting back quickly - it does not...
Thanks for getting back quickly - it does not seem right that you assume that the pre-authenticated principal is a String - switching the equals check so that you have !principal.equals(currentUser)...
security-web: possible reauthentication & session invalidation for same principal?
org/springframework/security/web/authentication/preauth/AbstractPreAuthenticatedProcessingFilter.java:
The check !currentUser.getName().equals(principal) does not seem right as it is comparing a...