Results 1 to 2 of 2

Thread: HttpSession returned null object for SPRING_SECURITY_CONTEXT

  1. Oct 1st, 2012, 11:12 AM #1
    emanuelef
    emanuelef is offline Junior Member
    Join Date
    Sep 2012
    Posts
    1

    Default HttpSession returned null object for SPRING_SECURITY_CONTEXT

    Hi
    I'm trying to integrate the Spring Saml library (http://static.springsource.org/sprin...aml/index.html) in a sample webapplication, using Shibboleth as IDP.
    I'm able to load the login page, to login and to show the index page.

    The problem is that when I click on other links the webapp redirect me to the login page, then the IDP recognizes me and redirects to the requested page (if the network is fast it's very difficult to see this). It's like I'm not logged in for Spring security.

    I checked the log and I found this:
    Code:
    org.springframework.security.web.context.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
org.springframework.security.web.context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@fde8fb. A new one will be created.
    Any idea?

    Thanks
    emanuele
    Reply With Quote Reply With Quote
  2. Jan 1st, 2013, 05:49 PM #2
    vsch
    vsch is offline Senior Member
    Join Date
    Feb 2009
    Location
    Helsinki
    Posts
    155

    Default

    It sounds like the problem could be related to SEC-2027 bug in Spring Security 3.1.1 (https://jira.springsource.org/browse/SEC-2027). In case it's still relevant could you try upgrading to a later release of Spring Security?
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules