Ok,
before flaming me, I searched and searched this and other forums. No matter what I try getPrincipal only returns a String. I have tried all the options that I could find to resolve this issue without luck. I have to be missing something in my configuration or implementation classes. I have audited and reviewed my files for several hours and still can't find the error (code excerpts below).
I found the older post:
http://forum.springframework.org/arc...hp/t-9886.html
jameli
Junior Member Join Date: Aug 2004
Posts: 6
Why the type of auth.getPrincipal() is always String ?
...
and Ben's reply:
Ben Alex
03-29-2005, 07:01 PM
We've covered this on the acegisecurity-developers list. For the benefit of the forums, see http://www.mail-archive.com/acegisec.../msg00876.html.
but no matter what I try I can't get the UserDetails information as anything but a String.
My impl / config information:
Excerpt from class trying to get the Member (UserDetails) object:
Code:
    Member member = (Member) SecureContextUtils.getSecureContext()
            .getAuthentication().getPrincipal(); // Fails – ClassCastException – getPrincipal() returning String

    /** have tried from one example
    Authentication auth = null;
    if ((auth = SecurityContextHolder.getContext().getAuthentication()) == null) {
        return null;
    }
    logger.debug("PRINCIPAL = " + auth.getPrincipal());
    logger.debug("DETAILS = " + auth.getDetails());
    Member member = (Member) auth.getPrincipal(); // fails – getPrincipal still returning String
    */

    /** from another example
    String username = auth.getPrincipal().toString();
    String password = auth.getCredentials().toString();
    GrantedAuthority[] authorities = auth.getAuthorities();
    UsernamePasswordAuthenticationToken authTok =
            new UsernamePasswordAuthenticationToken(username, password, authorities);
    Member member = (Member) authTok.getPrincipal(); // fails – getPrincipal still returning String
    */

UserDetailsService Impl:
Code:
    public class AuthenticationService implements UserDetailsService {
        . . .
        public Member loadUserByUsername(String username) {
            Member member = memberService.getMember(username);
            if (member != null && member.getPassword() != null) {
                // add additional ACEGI values
                member.setEnabled(true);
                member.setAccountNonExpired(true);
                member.setCredentialsNonExpired(true);
                member.setAccountNonLocked(true);
            } else {
                throw new UsernameNotFoundException(messageSource.getMessage(
                        "login.user.unknown", null, "Invalid user",
                        Locale.getDefault()));
            }
            logger.debug(member.toString());
            return member;
        }
        . . .
    }

Member Object:
Code:
    public class Member implements UserDetails {
        . . .
        private GrantedAuthority[] authorities; // Acegi related fields

        public GrantedAuthority[] getAuthorities() {
            return authorities;
        }

        public void setAuthorities(GrantedAuthority[] authorities) {
            this.authorities = authorities;
        }

        public boolean isAccountNonExpired() {
            return accountNonExpired;
        }

        public void setAccountNonExpired(boolean expired) {
            accountNonExpired = expired;
        }

        public boolean isAccountNonLocked() {
            return accountNonLocked;
        }

        public void setAccountNonLocked(boolean locked) {
            accountNonLocked = locked;
        }

        public boolean isCredentialsNonExpired() {
            return credentialsNonExpired;
        }

        public void setCredentialsNonExpired(boolean expired) {
            credentialsNonExpired = expired;
        }
        . . .
    }

Application Context:
Code:
    <bean id="daoAuthenticationProvider"
          class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
        <property name="userDetailsService" ref="authenticationService" />
        <!-- <property name="passwordEncoder" ref="shaHexPasswordEncoder" /> -->
        <property name="hideUserNotFoundExceptions" value="false" />
        <property name="messageSource" ref="messageSource" />
        <property name="forcePrincipalAsString" value="false"/>
    </bean>

    <bean id="authenticationService" class="org.myorg.security.AuthenticationService">
        <property name="memberService" ref="memberService" />
        <property name="messageSource" ref="messageSource" />
    </bean>

Any information is appreciated, this is driving me crazy.
Thanks, Phil


