Null @AuthenticationPrincipal with Spring-Boot / Security
Solution 1
Pls try this :-
a) Change
@Autowired
private UserDetailsService userDetailsService;
To
@Autowired
private UserServiceBean userDetailsService;
b) Use @Service here
@Service
public class UserServiceBean implements UserService {
c) Change @AuthenticationPrincipal User user to @AuthenticationPrincipal UserDetails userDetails
Solution 2
The type in the controller needs to match with the type that you return from the UserDetailsService
.
The Javadoc explicitly states:
If the types do not match,
null
will be returned unlessAuthenticationPrincipal.errorOnInvalidType()
istrue
in which case aClassCastException
will be thrown.
Pretty strange that the error is not the default.
szxnyc
Software engineer, tinkerer, curious, musician, and all around nice guy. Appreciates the front-end limelight of Web Programming but prefers the good old catacombs of back-end Server Side Development.
Updated on July 19, 2022Comments
-
szxnyc almost 2 years
I setup my Spring Security application according to the reference document and after hours of troubleshooting I continue to get a null @AuthenticationPrincipal passed into my controller.
The authentication mechanism is working fine against the users in my database but still a null @AuthenticationPrincipal. I consulted several internet posts including this, and this but still I am getting null.
I am using Spring-Boot 1.2.2 and Spring Security 3.2.6.
Relevant POM:
<parent> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-parent</artifactId> <version>1.2.2.RELEASE</version> <relativePath/> </parent> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency>
Application:
@SpringBootApplication public class AuditWebApplication { // code }
WebSecurityConfigurerAdapter:
@Configuration @Order(SecurityProperties.ACCESS_OVERRIDE_ORDER) @EnableGlobalMethodSecurity(prePostEnabled=true) @EnableWebMvcSecurity public class SecurityConfiguration WebSecurityConfigurerAdapter { @Autowired private UserDetailsService userDetailsService; @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.userDetailsService(userDetailsService); } @Override protected void configure(HttpSecurity http) throws Exception { http .httpBasic() .and() .logout() .logoutSuccessUrl("/#/login") .and() .authorizeRequests() .antMatchers("/index.html", "/views/**", // public side. "/images/**", "/scripts/**", "/styles/**", "/vendor/**", "/") .permitAll() .anyRequest().authenticated().and().csrf() .csrfTokenRepository(csrfTokenRepository()).and() .addFilterAfter(csrfHeaderFilter(), SessionManagementFilter.class); }
UserDetailsService:
@Transactional @Service public class UserServiceBean implements UserService { @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { // Custom domain User object, not spring security User user = userRepository.findByusername(username); if(user == null) { throw new UsernameNotFoundException("Unable to load user by username = '" + username + "'"); } List<UserRole> userRoles = userRoleRepository.findAllByUserId(user.getId()); user.setUserRoles(userRoles); return new UserRepositoryUserDetails(user); } // User here refers to my application's domain User object, not Spring Security private final static class UserRepositoryUserDetails extends User implements UserDetails { public UserRepositoryUserDetails(User user) { super(user); } @Override public Collection<? extends GrantedAuthority> getAuthorities() { List<String> authoritiesList = new ArrayList<String>(); List<UserRole> userRoles = getUserRoles(); userRoles.forEach((ur) -> { if(ur.isActive()) { authoritiesList.add(ur.getRoleDesc()); } }); String authoritiesString = StringUtils.join(authoritiesList, ','); return AuthorityUtils.commaSeparatedStringToAuthorityList(authoritiesString); } @Override public String getUsername() { return getLdapUID(); } @Override public boolean isAccountNonExpired() { return true; } @Override public boolean isAccountNonLocked() { return true; } @Override public boolean isCredentialsNonExpired() { return true; } @Override public boolean isEnabled() { return isActive() ; } @Override public String getPassword() { // fake for now return "password"; } } } public interface UserService extends UserDetailsService { // signatures }
Controller:
import org.springframework.security.web.bind.annotation.AuthenticationPrincipal; import org.springframework.security.core.userdetails.User; @RequestMapping(value="/products", method=RequestMethod.GET) public ResponseEntity<Map<String,Object>> products(@AuthenticationPrincipal User user){ // user is null }
Relevant Maven Dependency Tree:
[INFO] ------------------------------------------------------------------------ [INFO] Building Web Project 0.0.1-SNAPSHOT [INFO] ------------------------------------------------------------------------ [INFO] [INFO] --- maven-dependency-plugin:2.9:tree (default-cli) @ web-build --- [WARNING] Using Maven 2 dependency tree to get verbose output, which may be inconsistent with actual Maven 3 resolution [INFO] com.company:web-build:jar:0.0.1-SNAPSHOT [INFO] +- com.company:common-build:jar:0.0.1-SNAPSHOT:compile [INFO] | +- (org.springframework.boot:spring-boot-starter-aop:jar:1.2.2.RELEASE:compile - omitted for duplicate) [INFO] | \- (org.springframework.boot:spring-boot-starter-security:jar:1.2.2.RELEASE:compile - omitted for duplicate) [INFO] +- com.company:data-build:jar:0.0.1-SNAPSHOT:compile [INFO] | +- (com.company:common-build:jar:0.0.1-SNAPSHOT:compile - omitted for duplicate) [INFO] | +- (org.springframework.boot:spring-boot-starter-security:jar:1.2.2.RELEASE:compile - omitted for duplicate) [INFO] | +- (org.springframework.boot:spring-boot-starter-jdbc:jar:1.2.2.RELEASE:compile - omitted for duplicate) [INFO] | +- (org.springframework.boot:spring-boot-starter-aop:jar:1.2.2.RELEASE:compile - omitted for duplicate) [INFO] | +- com.fasterxml.jackson.core:jackson-annotations:jar:2.4.5:compile [INFO] | +- (org.apache.commons:commons-lang3:jar:3.3.2:compile - omitted for duplicate) [INFO] | \- org.springframework.boot:spring-boot-starter-jetty:jar:1.2.2.RELEASE:compile [INFO] | +- org.eclipse.jetty:jetty-jsp:jar:9.2.9.v20150224:compile [INFO] | | +- org.eclipse.jetty.toolchain:jetty-schemas:jar:3.1.M0:compile [INFO] | | +- javax.servlet:javax.servlet-api:jar:3.1.0:compile [INFO] | | +- javax.servlet.jsp:javax.servlet.jsp-api:jar:2.3.1:compile [INFO] | | +- org.glassfish.web:javax.servlet.jsp:jar:2.3.2:compile [INFO] | | | +- (org.glassfish:javax.el:jar:3.0.0:compile - omitted for duplicate) [INFO] | | | \- (javax.servlet.jsp:javax.servlet.jsp-api:jar:2.3.1:compile - omitted for duplicate) [INFO] | | +- org.eclipse.jetty.orbit:javax.servlet.jsp.jstl:jar:1.2.0.v201105211821:compile [INFO] | | +- org.glassfish.web:javax.servlet.jsp.jstl:jar:1.2.2:compile [INFO] | | +- org.glassfish:javax.el:jar:3.0.0:compile [INFO] | | \- org.eclipse.jetty.orbit:org.eclipse.jdt.core:jar:3.8.2.v20130121:compile [INFO] | +- org.eclipse.jetty:jetty-webapp:jar:9.2.9.v20150224:compile [INFO] | | +- org.eclipse.jetty:jetty-xml:jar:9.2.9.v20150224:compile [INFO] | | | \- org.eclipse.jetty:jetty-util:jar:9.2.9.v20150224:compile [INFO] | | \- org.eclipse.jetty:jetty-servlet:jar:9.2.9.v20150224:compile [INFO] | | \- org.eclipse.jetty:jetty-security:jar:9.2.9.v20150224:compile [INFO] | | \- org.eclipse.jetty:jetty-server:jar:9.2.9.v20150224:compile [INFO] | | +- (javax.servlet:javax.servlet-api:jar:3.1.0:compile - omitted for duplicate) [INFO] | | +- (org.eclipse.jetty:jetty-http:jar:9.2.9.v20150224:compile - omitted for duplicate) [INFO] | | \- (org.eclipse.jetty:jetty-io:jar:9.2.9.v20150224:compile - omitted for duplicate) [INFO] | +- org.eclipse.jetty.websocket:websocket-server:jar:9.2.9.v20150224:compile [INFO] | | +- org.eclipse.jetty.websocket:websocket-common:jar:9.2.9.v20150224:compile [INFO] | | | +- org.eclipse.jetty.websocket:websocket-api:jar:9.2.9.v20150224:compile [INFO] | | | +- (org.eclipse.jetty:jetty-util:jar:9.2.9.v20150224:compile - omitted for duplicate) [INFO] | | | \- org.eclipse.jetty:jetty-io:jar:9.2.9.v20150224:compile [INFO] | | | \- (org.eclipse.jetty:jetty-util:jar:9.2.9.v20150224:compile - omitted for duplicate) [INFO] | | +- org.eclipse.jetty.websocket:websocket-client:jar:9.2.9.v20150224:compile [INFO] | | | +- (org.eclipse.jetty:jetty-util:jar:9.2.9.v20150224:compile - omitted for duplicate) [INFO] | | | +- (org.eclipse.jetty:jetty-io:jar:9.2.9.v20150224:compile - omitted for duplicate) [INFO] | | | \- (org.eclipse.jetty.websocket:websocket-common:jar:9.2.9.v20150224:compile - omitted for duplicate) [INFO] | | +- org.eclipse.jetty.websocket:websocket-servlet:jar:9.2.9.v20150224:compile [INFO] | | | +- (org.eclipse.jetty.websocket:websocket-api:jar:9.2.9.v20150224:compile - omitted for duplicate) [INFO] | | | \- (javax.servlet:javax.servlet-api:jar:3.1.0:compile - omitted for duplicate) [INFO] | | +- (org.eclipse.jetty:jetty-servlet:jar:9.2.9.v20150224:compile - omitted for duplicate) [INFO] | | \- org.eclipse.jetty:jetty-http:jar:9.2.9.v20150224:compile [INFO] | | \- (org.eclipse.jetty:jetty-util:jar:9.2.9.v20150224:compile - omitted for duplicate) [INFO] | \- org.eclipse.jetty.websocket:javax-websocket-server-impl:jar:9.2.9.v20150224:compile [INFO] | +- org.eclipse.jetty:jetty-annotations:jar:9.2.9.v20150224:compile [INFO] | | +- org.eclipse.jetty:jetty-plus:jar:9.2.9.v20150224:compile [INFO] | | | +- (org.eclipse.jetty:jetty-webapp:jar:9.2.9.v20150224:compile - omitted for duplicate) [INFO] | | | \- org.eclipse.jetty:jetty-jndi:jar:9.2.9.v20150224:compile [INFO] | | | \- (org.eclipse.jetty:jetty-util:jar:9.2.9.v20150224:compile - omitted for duplicate) [INFO] | | +- (org.eclipse.jetty:jetty-webapp:jar:9.2.9.v20150224:compile - omitted for duplicate) [INFO] | | +- javax.annotation:javax.annotation-api:jar:1.2:compile [INFO] | | +- org.ow2.asm:asm:jar:5.0.1:compile [INFO] | | \- org.ow2.asm:asm-commons:jar:5.0.1:compile [INFO] | | \- org.ow2.asm:asm-tree:jar:5.0.1:compile [INFO] | | \- (org.ow2.asm:asm:jar:5.0.1:compile - omitted for duplicate) [INFO] | +- org.eclipse.jetty.websocket:javax-websocket-client-impl:jar:9.2.9.v20150224:compile [INFO] | | +- (org.eclipse.jetty.websocket:websocket-client:jar:9.2.9.v20150224:compile - omitted for duplicate) [INFO] | | \- (javax.websocket:javax.websocket-api:jar:1.0:compile - omitted for duplicate) [INFO] | +- (org.eclipse.jetty.websocket:websocket-server:jar:9.2.9.v20150224:compile - omitted for duplicate) [INFO] | \- javax.websocket:javax.websocket-api:jar:1.0:compile [INFO] +- org.springframework.boot:spring-boot-starter-security:jar:1.2.2.RELEASE:compile [INFO] | +- org.springframework.boot:spring-boot-starter:jar:1.2.2.RELEASE:compile [INFO] | | +- org.springframework.boot:spring-boot:jar:1.2.2.RELEASE:compile [INFO] | | | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | | \- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | +- org.springframework.boot:spring-boot-autoconfigure:jar:1.2.2.RELEASE:compile [INFO] | | | +- (org.springframework.boot:spring-boot:jar:1.2.2.RELEASE:compile - omitted for duplicate) [INFO] | | | \- org.yaml:snakeyaml:jar:1.14:compile [INFO] | | +- org.springframework.boot:spring-boot-starter-logging:jar:1.2.2.RELEASE:compile [INFO] | | | +- org.slf4j:jcl-over-slf4j:jar:1.7.10:compile [INFO] | | | | \- org.slf4j:slf4j-api:jar:1.7.10:compile (version managed from 1.7.6) [INFO] | | | +- org.slf4j:jul-to-slf4j:jar:1.7.10:compile [INFO] | | | | \- (org.slf4j:slf4j-api:jar:1.7.10:compile - version managed from 1.7.6; omitted for duplicate) [INFO] | | | +- org.slf4j:log4j-over-slf4j:jar:1.7.10:compile [INFO] | | | | \- (org.slf4j:slf4j-api:jar:1.7.10:compile - version managed from 1.7.6; omitted for duplicate) [INFO] | | | \- ch.qos.logback:logback-classic:jar:1.1.2:compile [INFO] | | | +- ch.qos.logback:logback-core:jar:1.1.2:compile [INFO] | | | \- (org.slf4j:slf4j-api:jar:1.7.10:compile - version managed from 1.7.6; omitted for duplicate) [INFO] | | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | \- (org.yaml:snakeyaml:jar:1.14:compile - scope updated from runtime; omitted for duplicate) [INFO] | +- org.springframework:spring-beans:jar:4.1.5.RELEASE:compile [INFO] | | \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | +- org.springframework:spring-context:jar:4.1.5.RELEASE:compile [INFO] | | +- (org.springframework:spring-aop:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | \- (org.springframework:spring-expression:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | +- org.springframework:spring-core:jar:4.1.5.RELEASE:compile [INFO] | +- org.springframework:spring-expression:jar:4.1.5.RELEASE:compile [INFO] | | \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | +- org.springframework:spring-web:jar:4.1.5.RELEASE:compile (version managed from 3.2.8.RELEASE) [INFO] | | +- (org.springframework:spring-aop:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | +- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | +- org.springframework.security:spring-security-config:jar:3.2.6.RELEASE:compile [INFO] | | +- aopalliance:aopalliance:jar:1.0:compile [INFO] | | +- org.springframework.security:spring-security-core:jar:3.2.6.RELEASE:compile [INFO] | | | +- (aopalliance:aopalliance:jar:1.0:compile - omitted for duplicate) [INFO] | | | +- (org.springframework:spring-aop:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | | +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | | +- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | | \- (org.springframework:spring-expression:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | +- (org.springframework:spring-aop:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | +- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | +- org.springframework.security:spring-security-web:jar:3.2.6.RELEASE:compile [INFO] | | +- (aopalliance:aopalliance:jar:1.0:compile - omitted for duplicate) [INFO] | | +- (org.springframework.security:spring-security-core:jar:3.2.6.RELEASE:compile - omitted for duplicate) [INFO] | | +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | +- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | +- (org.springframework:spring-expression:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | \- (org.springframework:spring-web:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | \- org.springframework:spring-aop:jar:4.1.5.RELEASE:compile [INFO] | +- (aopalliance:aopalliance:jar:1.0:compile - omitted for duplicate) [INFO] | +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] +- org.springframework.boot:spring-boot-starter-web:jar:1.2.2.RELEASE:compile [INFO] | +- (org.springframework.boot:spring-boot-starter:jar:1.2.2.RELEASE:compile - omitted for duplicate) [INFO] | +- org.springframework.boot:spring-boot-starter-tomcat:jar:1.2.2.RELEASE:compile [INFO] | | +- org.apache.tomcat.embed:tomcat-embed-core:jar:8.0.20:compile [INFO] | | +- org.apache.tomcat.embed:tomcat-embed-el:jar:8.0.20:compile [INFO] | | +- org.apache.tomcat.embed:tomcat-embed-logging-juli:jar:8.0.20:compile [INFO] | | \- org.apache.tomcat.embed:tomcat-embed-websocket:jar:8.0.20:compile [INFO] | | \- (org.apache.tomcat.embed:tomcat-embed-core:jar:8.0.20:compile - omitted for duplicate) [INFO] | +- com.fasterxml.jackson.core:jackson-databind:jar:2.4.5:compile [INFO] | | +- (com.fasterxml.jackson.core:jackson-annotations:jar:2.4.5:compile - version managed from 2.4.0; omitted for duplicate) [INFO] | | \- com.fasterxml.jackson.core:jackson-core:jar:2.4.5:compile [INFO] | +- org.hibernate:hibernate-validator:jar:5.1.3.Final:compile [INFO] | | +- javax.validation:validation-api:jar:1.1.0.Final:compile [INFO] | | +- org.jboss.logging:jboss-logging:jar:3.1.3.GA:compile [INFO] | | \- com.fasterxml:classmate:jar:1.0.0:compile [INFO] | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | +- (org.springframework:spring-web:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | \- org.springframework:spring-webmvc:jar:4.1.5.RELEASE:compile [INFO] | +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | +- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | +- (org.springframework:spring-expression:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | \- (org.springframework:spring-web:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] +- org.springframework.boot:spring-boot-starter-jdbc:jar:1.2.2.RELEASE:compile [INFO] | +- (org.springframework.boot:spring-boot-starter:jar:1.2.2.RELEASE:compile - omitted for duplicate) [INFO] | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | +- org.springframework:spring-jdbc:jar:4.1.5.RELEASE:compile [INFO] | | +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | \- (org.springframework:spring-tx:jar:4.1.5.RELEASE:compile - omitted for duplicate) [INFO] | +- org.apache.tomcat:tomcat-jdbc:jar:8.0.20:compile [INFO] | | \- org.apache.tomcat:tomcat-juli:jar:8.0.20:compile [INFO] | \- org.springframework:spring-tx:jar:4.1.5.RELEASE:compile [INFO] | +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] +- org.springframework.boot:spring-boot-starter-aop:jar:1.2.2.RELEASE:compile [INFO] | +- (org.springframework.boot:spring-boot-starter:jar:1.2.2.RELEASE:compile - omitted for duplicate) [INFO] | +- (org.springframework:spring-aop:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | +- org.aspectj:aspectjrt:jar:1.8.5:compile [INFO] | \- org.aspectj:aspectjweaver:jar:1.8.5:compile [INFO] +- org.apache.commons:commons-lang3:jar:3.3.2:compile [INFO] +- commons-beanutils:commons-beanutils:jar:1.9.2:compile [INFO] | \- commons-collections:commons-collections:jar:3.2.1:compile [INFO] +- org.springframework.boot:spring-boot-starter-test:jar:1.2.2.RELEASE:test [INFO] | +- junit:junit:jar:4.12:test [INFO] | | \- (org.hamcrest:hamcrest-core:jar:1.3:test - version managed from 1.1; omitted for duplicate) [INFO] | +- org.mockito:mockito-core:jar:1.10.19:test [INFO] | | +- (org.hamcrest:hamcrest-core:jar:1.3:test - version managed from 1.1; omitted for duplicate) [INFO] | | \- org.objenesis:objenesis:jar:2.1:test [INFO] | +- org.hamcrest:hamcrest-core:jar:1.3:test [INFO] | +- org.hamcrest:hamcrest-library:jar:1.3:test [INFO] | | \- (org.hamcrest:hamcrest-core:jar:1.3:test - version managed from 1.1; omitted for duplicate) [INFO] | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:test - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | \- org.springframework:spring-test:jar:4.1.5.RELEASE:test [INFO] | \- (org.springframework:spring-core:jar:4.1.5.RELEASE:test - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] +- org.springframework.boot:spring-boot-starter-actuator:jar:1.2.2.RELEASE:compile [INFO] | +- (org.springframework.boot:spring-boot-starter:jar:1.2.2.RELEASE:compile - omitted for duplicate) [INFO] | +- org.springframework.boot:spring-boot-actuator:jar:1.2.2.RELEASE:compile [INFO] | | +- (org.springframework.boot:spring-boot:jar:1.2.2.RELEASE:compile - omitted for duplicate) [INFO] | | +- (org.springframework.boot:spring-boot-autoconfigure:jar:1.2.2.RELEASE:compile - omitted for duplicate) [INFO] | | +- (com.fasterxml.jackson.core:jackson-databind:jar:2.4.5:compile - omitted for duplicate) [INFO] | | +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | | \- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] | \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate) [INFO] +- org.flywaydb:flyway-core:jar:3.1:compile [INFO] +- org.mockito:mockito-all:jar:1.10.19:compile [INFO] +- com.h2database:h2:jar:1.4.185:compile [INFO] +- mysql:mysql-connector-java:jar:5.1.34:compile [INFO] +- org.codehaus.janino:janino:jar:2.6.1:compile [INFO] | \- org.codehaus.janino:commons-compiler:jar:2.6.1:compile [INFO] +- org.apache.poi:poi:jar:3.10-FINAL:compile [INFO] | \- commons-codec:commons-codec:jar:1.5:compile [INFO] +- org.apache.poi:poi-ooxml:jar:3.10-FINAL:compile [INFO] | +- (org.apache.poi:poi:jar:3.10-FINAL:compile - omitted for duplicate) [INFO] | +- org.apache.poi:poi-ooxml-schemas:jar:3.10-FINAL:compile [INFO] | | \- org.apache.xmlbeans:xmlbeans:jar:2.3.0:compile [INFO] | | \- stax:stax-api:jar:1.0.1:compile [INFO] | \- dom4j:dom4j:jar:1.6.1:compile [INFO] | \- xml-apis:xml-apis:jar:1.0.b2:compile [INFO] \- org.scala-lang:scala-library:jar:2.10.4:compile
-
szxnyc over 8 yearsUserServiceBean is already a Service and if I attempt to Autowire UserServiceBean instead of UserDetailsService I get NoSuchBeanDefinitionException.
-
Avis over 8 yearsCan you try point (c) above as well. Its just some wiring/bean issue thats resulting in NULL.
-
szxnyc over 8 yearspoint (C) worked! Do you have any idea why I need to inject UserDetails instead of User? This is different from what the documentation states and what has worked for other users.
-
Avis over 8 yearsBcoz you returning it => public UserDetails loadUserByUsername(String username), and as User is resolving to NULL so i felt User object is not of spring security so we left with UserDetails interface only which is of spring security.
-
Wim Deblauwe about 8 yearsTo add this answer: The Javadoc (which I read after this answer :) ) explicitly states: "If the types do not match, null will be returned unless AuthenticationPrincipal.errorOnInvalidType() is true in which case a ClassCastException will be thrown." Pretty strange that the error is not the default.
-
lilalinux almost 6 years@WimDeblauwe If you turn this comment into an answer, I'll vote up
-
Wim Deblauwe almost 6 years@lilalinux answer added.
-
lilalinux almost 6 yearsThere's also a bug in Spring Boot DevTools which triggers this: stackoverflow.com/questions/35156390/… github.com/spring-projects/spring-boot/issues/5071
-
Thiago almost 5 yearsThanks! If anyone is having the same problem, a simple breakpoint the method below will help: org.springframework.security.web.method.annotation.AuthenticationPrincipalArgumentResolver.resolveArgument
-
Michael over 3 years@Thiago That helped me solve it thank you! I'd changed to use JWT authentication so a
UsernamePasswordAuthenticationToken
was being passed through instead of aUserDetails
object.