Announcement Announcement Module
Collapse
No announcement yet.
Should ExpiringUsernameAuthenticationToken contain principal UserDetails object Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Should ExpiringUsernameAuthenticationToken contain principal UserDetails object

    Hi,

    I am using the saml extension from a grails context. So there are a few layers of indirection. I can see that SAMLAuthenticationProvider.authenticate returns a token containing just the username for the principal but the services in the grails security core plugin expect to be returned a UserDetails object.

    Looking at the UsernamePasswordAuthenticationToken and Authentication interface javadoc getPrincipal when called by an Auth manager should return a UserDetails Object.

    In this instance the provider manager is making the call post authentication so I would expect getPrincipal to return the UserDetails and not the username.

    Am I right in how I'm reading this. If so can I raise an issue for this?

    Also any ideas when the saml extension will be officially released.

    Kind Regards,
    Feroz Panwaskar
Working...
X