Announcement Announcement Module
Collapse
No announcement yet.
Reconnectfilter: Authentication always null Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Reconnectfilter: Authentication always null

    Hi,

    I'm playing around with the ReconnectFilter.

    PHP Code:
            @Bean
        
    public UserIdSource userIdSource() {
            return new 
    UserIdSource() {            
                @
    Override
                
    public String getUserId() {
                    
    Authentication authentication SecurityContextHolder.getContext().getAuthentication();
                    if (
    authentication == null) {
                        throw new 
    IllegalStateException("Unable to get a ConnectionRepository: no user signed in");
                    }
                    return 
    authentication.getName();
                }
            };
        } 
    The scenario is as follows:
    * I create a connection (using Google)
    * I go to Google and remove the authorization for my app
    * I try to connect again using the existing connection that still exists on my side but is now invalid

    In this scenario, an ExpiredAuthorizationException is thrown, the authentication is always null (even though there is a logged in user). Any idea why?

    Kind regards,
    Marc

  • #2
    I guess it's related to this: http://stackoverflow.com/questions/6...on-error-pages
    but that leads to the next question how to make sure the default exception handler doesn't pick up the AuthorizationExceptions before the ReconnectFilter gets to them?

    Comment


    • #3
      Nope, the spring social filter was executing before the security filter. My bad

      Comment

      Working...
      X