Null @AuthenticationPrincipal with Spring-Boot / Security

spring spring-mvc spring-security spring-boot spring-web
17,590

Solution 1

Pls try this :-

a) Change 

 @Autowired
    private UserDetailsService userDetailsService;

To

@Autowired
    private UserServiceBean userDetailsService;

b) Use @Service here 

@Service
public class UserServiceBean implements UserService {

c) Change @AuthenticationPrincipal User user to @AuthenticationPrincipal UserDetails userDetails

Solution 2

The type in the controller needs to match with the type that you return from the UserDetailsService.

The Javadoc explicitly states:

If the types do not match, null will be returned unless AuthenticationPrincipal.errorOnInvalidType() is true in which case a ClassCastException will be thrown.

Pretty strange that the error is not the default.

Share:
17,590
szxnyc
Author by

szxnyc

Software engineer, tinkerer, curious, musician, and all around nice guy. Appreciates the front-end limelight of Web Programming but prefers the good old catacombs of back-end Server Side Development.

Updated on July 19, 2022

Comments

  • szxnyc
    szxnyc almost 2 years

    I setup my Spring Security application according to the reference document and after hours of troubleshooting I continue to get a null @AuthenticationPrincipal passed into my controller.

    The authentication mechanism is working fine against the users in my database but still a null @AuthenticationPrincipal. I consulted several internet posts including this, and this but still I am getting null.

    I am using Spring-Boot 1.2.2 and Spring Security 3.2.6.

    Relevant POM:

    <parent>
  <groupId>org.springframework.boot</groupId>
  <artifactId>spring-boot-starter-parent</artifactId>
  <version>1.2.2.RELEASE</version>
  <relativePath/>
</parent>

<dependency>
  <groupId>org.springframework.boot</groupId>
  <artifactId>spring-boot-starter-security</artifactId>
</dependency>

    Application:

    @SpringBootApplication
public class AuditWebApplication {
  // code
}

    WebSecurityConfigurerAdapter:

    @Configuration
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
@EnableGlobalMethodSecurity(prePostEnabled=true)
@EnableWebMvcSecurity
public class SecurityConfiguration WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailsService userDetailsService;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .httpBasic()
            .and()
            .logout()
            .logoutSuccessUrl("/#/login")
            .and()
            .authorizeRequests()
            .antMatchers("/index.html", "/views/**", // public side.
                        "/images/**", "/scripts/**", "/styles/**", "/vendor/**", "/")
            .permitAll()
            .anyRequest().authenticated().and().csrf()
            .csrfTokenRepository(csrfTokenRepository()).and()
            .addFilterAfter(csrfHeaderFilter(), SessionManagementFilter.class);
    }

    UserDetailsService:

    @Transactional
@Service
public class UserServiceBean implements UserService {
  @Override
  public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
    // Custom domain User object, not spring security
    User user = userRepository.findByusername(username);
    if(user == null) {
      throw new UsernameNotFoundException("Unable to load user by username = '" + username + "'");
    }
    List<UserRole> userRoles = userRoleRepository.findAllByUserId(user.getId());
    user.setUserRoles(userRoles);
    return new UserRepositoryUserDetails(user);
  }

  // User here refers to my application's domain User object, not Spring Security
  private final static class UserRepositoryUserDetails extends User implements UserDetails {

    public UserRepositoryUserDetails(User user) {
      super(user);
    }

    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
      List<String> authoritiesList = new ArrayList<String>();
      List<UserRole> userRoles = getUserRoles();
      userRoles.forEach((ur) -> {
        if(ur.isActive()) {
          authoritiesList.add(ur.getRoleDesc());
        }
      });

      String authoritiesString = StringUtils.join(authoritiesList, ',');
      return AuthorityUtils.commaSeparatedStringToAuthorityList(authoritiesString);
    }

    @Override
    public String getUsername() {
      return getLdapUID();
    }

    @Override
    public boolean isAccountNonExpired() {
      return true;
    }

    @Override
    public boolean isAccountNonLocked() {
      return true;
    }

    @Override
    public boolean isCredentialsNonExpired() {
      return true;
    }

    @Override
    public boolean isEnabled() {
      return isActive() ;
    }

    @Override
    public String getPassword() {
        // fake for now
      return "password";
    }

  }

}

public interface UserService extends UserDetailsService {
  // signatures
}

    Controller:

    import org.springframework.security.web.bind.annotation.AuthenticationPrincipal;
import org.springframework.security.core.userdetails.User;

@RequestMapping(value="/products", method=RequestMethod.GET)
public ResponseEntity<Map<String,Object>> products(@AuthenticationPrincipal User user){
  // user is null
}

    Relevant Maven Dependency Tree:

    [INFO] ------------------------------------------------------------------------
[INFO] Building Web Project 0.0.1-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- maven-dependency-plugin:2.9:tree (default-cli) @ web-build ---
[WARNING] Using Maven 2 dependency tree to get verbose output, which may be inconsistent with actual Maven 3 resolution
[INFO] com.company:web-build:jar:0.0.1-SNAPSHOT
[INFO] +- com.company:common-build:jar:0.0.1-SNAPSHOT:compile
[INFO] |  +- (org.springframework.boot:spring-boot-starter-aop:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] |  \- (org.springframework.boot:spring-boot-starter-security:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] +- com.company:data-build:jar:0.0.1-SNAPSHOT:compile
[INFO] |  +- (com.company:common-build:jar:0.0.1-SNAPSHOT:compile - omitted for duplicate)
[INFO] |  +- (org.springframework.boot:spring-boot-starter-security:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] |  +- (org.springframework.boot:spring-boot-starter-jdbc:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] |  +- (org.springframework.boot:spring-boot-starter-aop:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] |  +- com.fasterxml.jackson.core:jackson-annotations:jar:2.4.5:compile
[INFO] |  +- (org.apache.commons:commons-lang3:jar:3.3.2:compile - omitted for duplicate)
[INFO] |  \- org.springframework.boot:spring-boot-starter-jetty:jar:1.2.2.RELEASE:compile
[INFO] |     +- org.eclipse.jetty:jetty-jsp:jar:9.2.9.v20150224:compile
[INFO] |     |  +- org.eclipse.jetty.toolchain:jetty-schemas:jar:3.1.M0:compile
[INFO] |     |  +- javax.servlet:javax.servlet-api:jar:3.1.0:compile
[INFO] |     |  +- javax.servlet.jsp:javax.servlet.jsp-api:jar:2.3.1:compile
[INFO] |     |  +- org.glassfish.web:javax.servlet.jsp:jar:2.3.2:compile
[INFO] |     |  |  +- (org.glassfish:javax.el:jar:3.0.0:compile - omitted for duplicate)
[INFO] |     |  |  \- (javax.servlet.jsp:javax.servlet.jsp-api:jar:2.3.1:compile - omitted for duplicate)
[INFO] |     |  +- org.eclipse.jetty.orbit:javax.servlet.jsp.jstl:jar:1.2.0.v201105211821:compile
[INFO] |     |  +- org.glassfish.web:javax.servlet.jsp.jstl:jar:1.2.2:compile
[INFO] |     |  +- org.glassfish:javax.el:jar:3.0.0:compile
[INFO] |     |  \- org.eclipse.jetty.orbit:org.eclipse.jdt.core:jar:3.8.2.v20130121:compile
[INFO] |     +- org.eclipse.jetty:jetty-webapp:jar:9.2.9.v20150224:compile
[INFO] |     |  +- org.eclipse.jetty:jetty-xml:jar:9.2.9.v20150224:compile
[INFO] |     |  |  \- org.eclipse.jetty:jetty-util:jar:9.2.9.v20150224:compile
[INFO] |     |  \- org.eclipse.jetty:jetty-servlet:jar:9.2.9.v20150224:compile
[INFO] |     |     \- org.eclipse.jetty:jetty-security:jar:9.2.9.v20150224:compile
[INFO] |     |        \- org.eclipse.jetty:jetty-server:jar:9.2.9.v20150224:compile
[INFO] |     |           +- (javax.servlet:javax.servlet-api:jar:3.1.0:compile - omitted for duplicate)
[INFO] |     |           +- (org.eclipse.jetty:jetty-http:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] |     |           \- (org.eclipse.jetty:jetty-io:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] |     +- org.eclipse.jetty.websocket:websocket-server:jar:9.2.9.v20150224:compile
[INFO] |     |  +- org.eclipse.jetty.websocket:websocket-common:jar:9.2.9.v20150224:compile
[INFO] |     |  |  +- org.eclipse.jetty.websocket:websocket-api:jar:9.2.9.v20150224:compile
[INFO] |     |  |  +- (org.eclipse.jetty:jetty-util:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] |     |  |  \- org.eclipse.jetty:jetty-io:jar:9.2.9.v20150224:compile
[INFO] |     |  |     \- (org.eclipse.jetty:jetty-util:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] |     |  +- org.eclipse.jetty.websocket:websocket-client:jar:9.2.9.v20150224:compile
[INFO] |     |  |  +- (org.eclipse.jetty:jetty-util:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] |     |  |  +- (org.eclipse.jetty:jetty-io:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] |     |  |  \- (org.eclipse.jetty.websocket:websocket-common:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] |     |  +- org.eclipse.jetty.websocket:websocket-servlet:jar:9.2.9.v20150224:compile
[INFO] |     |  |  +- (org.eclipse.jetty.websocket:websocket-api:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] |     |  |  \- (javax.servlet:javax.servlet-api:jar:3.1.0:compile - omitted for duplicate)
[INFO] |     |  +- (org.eclipse.jetty:jetty-servlet:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] |     |  \- org.eclipse.jetty:jetty-http:jar:9.2.9.v20150224:compile
[INFO] |     |     \- (org.eclipse.jetty:jetty-util:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] |     \- org.eclipse.jetty.websocket:javax-websocket-server-impl:jar:9.2.9.v20150224:compile
[INFO] |        +- org.eclipse.jetty:jetty-annotations:jar:9.2.9.v20150224:compile
[INFO] |        |  +- org.eclipse.jetty:jetty-plus:jar:9.2.9.v20150224:compile
[INFO] |        |  |  +- (org.eclipse.jetty:jetty-webapp:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] |        |  |  \- org.eclipse.jetty:jetty-jndi:jar:9.2.9.v20150224:compile
[INFO] |        |  |     \- (org.eclipse.jetty:jetty-util:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] |        |  +- (org.eclipse.jetty:jetty-webapp:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] |        |  +- javax.annotation:javax.annotation-api:jar:1.2:compile
[INFO] |        |  +- org.ow2.asm:asm:jar:5.0.1:compile
[INFO] |        |  \- org.ow2.asm:asm-commons:jar:5.0.1:compile
[INFO] |        |     \- org.ow2.asm:asm-tree:jar:5.0.1:compile
[INFO] |        |        \- (org.ow2.asm:asm:jar:5.0.1:compile - omitted for duplicate)
[INFO] |        +- org.eclipse.jetty.websocket:javax-websocket-client-impl:jar:9.2.9.v20150224:compile
[INFO] |        |  +- (org.eclipse.jetty.websocket:websocket-client:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] |        |  \- (javax.websocket:javax.websocket-api:jar:1.0:compile - omitted for duplicate)
[INFO] |        +- (org.eclipse.jetty.websocket:websocket-server:jar:9.2.9.v20150224:compile - omitted for duplicate)
[INFO] |        \- javax.websocket:javax.websocket-api:jar:1.0:compile
[INFO] +- org.springframework.boot:spring-boot-starter-security:jar:1.2.2.RELEASE:compile
[INFO] |  +- org.springframework.boot:spring-boot-starter:jar:1.2.2.RELEASE:compile
[INFO] |  |  +- org.springframework.boot:spring-boot:jar:1.2.2.RELEASE:compile
[INFO] |  |  |  +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  |  \- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  +- org.springframework.boot:spring-boot-autoconfigure:jar:1.2.2.RELEASE:compile
[INFO] |  |  |  +- (org.springframework.boot:spring-boot:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] |  |  |  \- org.yaml:snakeyaml:jar:1.14:compile
[INFO] |  |  +- org.springframework.boot:spring-boot-starter-logging:jar:1.2.2.RELEASE:compile
[INFO] |  |  |  +- org.slf4j:jcl-over-slf4j:jar:1.7.10:compile
[INFO] |  |  |  |  \- org.slf4j:slf4j-api:jar:1.7.10:compile (version managed from 1.7.6)
[INFO] |  |  |  +- org.slf4j:jul-to-slf4j:jar:1.7.10:compile
[INFO] |  |  |  |  \- (org.slf4j:slf4j-api:jar:1.7.10:compile - version managed from 1.7.6; omitted for duplicate)
[INFO] |  |  |  +- org.slf4j:log4j-over-slf4j:jar:1.7.10:compile
[INFO] |  |  |  |  \- (org.slf4j:slf4j-api:jar:1.7.10:compile - version managed from 1.7.6; omitted for duplicate)
[INFO] |  |  |  \- ch.qos.logback:logback-classic:jar:1.1.2:compile
[INFO] |  |  |     +- ch.qos.logback:logback-core:jar:1.1.2:compile
[INFO] |  |  |     \- (org.slf4j:slf4j-api:jar:1.7.10:compile - version managed from 1.7.6; omitted for duplicate)
[INFO] |  |  +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  \- (org.yaml:snakeyaml:jar:1.14:compile - scope updated from runtime; omitted for duplicate)
[INFO] |  +- org.springframework:spring-beans:jar:4.1.5.RELEASE:compile
[INFO] |  |  \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  +- org.springframework:spring-context:jar:4.1.5.RELEASE:compile
[INFO] |  |  +- (org.springframework:spring-aop:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  \- (org.springframework:spring-expression:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  +- org.springframework:spring-core:jar:4.1.5.RELEASE:compile
[INFO] |  +- org.springframework:spring-expression:jar:4.1.5.RELEASE:compile
[INFO] |  |  \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  +- org.springframework:spring-web:jar:4.1.5.RELEASE:compile (version managed from 3.2.8.RELEASE)
[INFO] |  |  +- (org.springframework:spring-aop:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  +- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  +- org.springframework.security:spring-security-config:jar:3.2.6.RELEASE:compile
[INFO] |  |  +- aopalliance:aopalliance:jar:1.0:compile
[INFO] |  |  +- org.springframework.security:spring-security-core:jar:3.2.6.RELEASE:compile
[INFO] |  |  |  +- (aopalliance:aopalliance:jar:1.0:compile - omitted for duplicate)
[INFO] |  |  |  +- (org.springframework:spring-aop:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  |  +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  |  +- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  |  +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  |  \- (org.springframework:spring-expression:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  +- (org.springframework:spring-aop:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  +- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  +- org.springframework.security:spring-security-web:jar:3.2.6.RELEASE:compile
[INFO] |  |  +- (aopalliance:aopalliance:jar:1.0:compile - omitted for duplicate)
[INFO] |  |  +- (org.springframework.security:spring-security-core:jar:3.2.6.RELEASE:compile - omitted for duplicate)
[INFO] |  |  +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  +- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  +- (org.springframework:spring-expression:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  \- (org.springframework:spring-web:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  \- org.springframework:spring-aop:jar:4.1.5.RELEASE:compile
[INFO] |     +- (aopalliance:aopalliance:jar:1.0:compile - omitted for duplicate)
[INFO] |     +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |     \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] +- org.springframework.boot:spring-boot-starter-web:jar:1.2.2.RELEASE:compile
[INFO] |  +- (org.springframework.boot:spring-boot-starter:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] |  +- org.springframework.boot:spring-boot-starter-tomcat:jar:1.2.2.RELEASE:compile
[INFO] |  |  +- org.apache.tomcat.embed:tomcat-embed-core:jar:8.0.20:compile
[INFO] |  |  +- org.apache.tomcat.embed:tomcat-embed-el:jar:8.0.20:compile
[INFO] |  |  +- org.apache.tomcat.embed:tomcat-embed-logging-juli:jar:8.0.20:compile
[INFO] |  |  \- org.apache.tomcat.embed:tomcat-embed-websocket:jar:8.0.20:compile
[INFO] |  |     \- (org.apache.tomcat.embed:tomcat-embed-core:jar:8.0.20:compile - omitted for duplicate)
[INFO] |  +- com.fasterxml.jackson.core:jackson-databind:jar:2.4.5:compile
[INFO] |  |  +- (com.fasterxml.jackson.core:jackson-annotations:jar:2.4.5:compile - version managed from 2.4.0; omitted for duplicate)
[INFO] |  |  \- com.fasterxml.jackson.core:jackson-core:jar:2.4.5:compile
[INFO] |  +- org.hibernate:hibernate-validator:jar:5.1.3.Final:compile
[INFO] |  |  +- javax.validation:validation-api:jar:1.1.0.Final:compile
[INFO] |  |  +- org.jboss.logging:jboss-logging:jar:3.1.3.GA:compile
[INFO] |  |  \- com.fasterxml:classmate:jar:1.0.0:compile
[INFO] |  +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  +- (org.springframework:spring-web:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  \- org.springframework:spring-webmvc:jar:4.1.5.RELEASE:compile
[INFO] |     +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |     +- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |     +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |     +- (org.springframework:spring-expression:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |     \- (org.springframework:spring-web:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] +- org.springframework.boot:spring-boot-starter-jdbc:jar:1.2.2.RELEASE:compile
[INFO] |  +- (org.springframework.boot:spring-boot-starter:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] |  +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  +- org.springframework:spring-jdbc:jar:4.1.5.RELEASE:compile
[INFO] |  |  +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  \- (org.springframework:spring-tx:jar:4.1.5.RELEASE:compile - omitted for duplicate)
[INFO] |  +- org.apache.tomcat:tomcat-jdbc:jar:8.0.20:compile
[INFO] |  |  \- org.apache.tomcat:tomcat-juli:jar:8.0.20:compile
[INFO] |  \- org.springframework:spring-tx:jar:4.1.5.RELEASE:compile
[INFO] |     +- (org.springframework:spring-beans:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |     \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] +- org.springframework.boot:spring-boot-starter-aop:jar:1.2.2.RELEASE:compile
[INFO] |  +- (org.springframework.boot:spring-boot-starter:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] |  +- (org.springframework:spring-aop:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  +- org.aspectj:aspectjrt:jar:1.8.5:compile
[INFO] |  \- org.aspectj:aspectjweaver:jar:1.8.5:compile
[INFO] +- org.apache.commons:commons-lang3:jar:3.3.2:compile
[INFO] +- commons-beanutils:commons-beanutils:jar:1.9.2:compile
[INFO] |  \- commons-collections:commons-collections:jar:3.2.1:compile
[INFO] +- org.springframework.boot:spring-boot-starter-test:jar:1.2.2.RELEASE:test
[INFO] |  +- junit:junit:jar:4.12:test
[INFO] |  |  \- (org.hamcrest:hamcrest-core:jar:1.3:test - version managed from 1.1; omitted for duplicate)
[INFO] |  +- org.mockito:mockito-core:jar:1.10.19:test
[INFO] |  |  +- (org.hamcrest:hamcrest-core:jar:1.3:test - version managed from 1.1; omitted for duplicate)
[INFO] |  |  \- org.objenesis:objenesis:jar:2.1:test
[INFO] |  +- org.hamcrest:hamcrest-core:jar:1.3:test
[INFO] |  +- org.hamcrest:hamcrest-library:jar:1.3:test
[INFO] |  |  \- (org.hamcrest:hamcrest-core:jar:1.3:test - version managed from 1.1; omitted for duplicate)
[INFO] |  +- (org.springframework:spring-core:jar:4.1.5.RELEASE:test - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  \- org.springframework:spring-test:jar:4.1.5.RELEASE:test
[INFO] |     \- (org.springframework:spring-core:jar:4.1.5.RELEASE:test - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] +- org.springframework.boot:spring-boot-starter-actuator:jar:1.2.2.RELEASE:compile
[INFO] |  +- (org.springframework.boot:spring-boot-starter:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] |  +- org.springframework.boot:spring-boot-actuator:jar:1.2.2.RELEASE:compile
[INFO] |  |  +- (org.springframework.boot:spring-boot:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] |  |  +- (org.springframework.boot:spring-boot-autoconfigure:jar:1.2.2.RELEASE:compile - omitted for duplicate)
[INFO] |  |  +- (com.fasterxml.jackson.core:jackson-databind:jar:2.4.5:compile - omitted for duplicate)
[INFO] |  |  +- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  |  \- (org.springframework:spring-context:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] |  \- (org.springframework:spring-core:jar:4.1.5.RELEASE:compile - version managed from 3.2.8.RELEASE; omitted for duplicate)
[INFO] +- org.flywaydb:flyway-core:jar:3.1:compile
[INFO] +- org.mockito:mockito-all:jar:1.10.19:compile
[INFO] +- com.h2database:h2:jar:1.4.185:compile
[INFO] +- mysql:mysql-connector-java:jar:5.1.34:compile
[INFO] +- org.codehaus.janino:janino:jar:2.6.1:compile
[INFO] |  \- org.codehaus.janino:commons-compiler:jar:2.6.1:compile
[INFO] +- org.apache.poi:poi:jar:3.10-FINAL:compile
[INFO] |  \- commons-codec:commons-codec:jar:1.5:compile
[INFO] +- org.apache.poi:poi-ooxml:jar:3.10-FINAL:compile
[INFO] |  +- (org.apache.poi:poi:jar:3.10-FINAL:compile - omitted for duplicate)
[INFO] |  +- org.apache.poi:poi-ooxml-schemas:jar:3.10-FINAL:compile
[INFO] |  |  \- org.apache.xmlbeans:xmlbeans:jar:2.3.0:compile
[INFO] |  |     \- stax:stax-api:jar:1.0.1:compile
[INFO] |  \- dom4j:dom4j:jar:1.6.1:compile
[INFO] |     \- xml-apis:xml-apis:jar:1.0.b2:compile
[INFO] \- org.scala-lang:scala-library:jar:2.10.4:compile
  • szxnyc
    szxnyc over 8 years
    UserServiceBean is already a Service and if I attempt to Autowire UserServiceBean instead of UserDetailsService I get NoSuchBeanDefinitionException.
  • Avis
    Avis over 8 years
    Can you try point (c) above as well. Its just some wiring/bean issue thats resulting in NULL.
  • szxnyc
    szxnyc over 8 years
    point (C) worked! Do you have any idea why I need to inject UserDetails instead of User? This is different from what the documentation states and what has worked for other users.
  • Avis
    Avis over 8 years
    Bcoz you returning it => public UserDetails loadUserByUsername(String username), and as User is resolving to NULL so i felt User object is not of spring security so we left with UserDetails interface only which is of spring security.
  • Wim Deblauwe
    Wim Deblauwe about 8 years
    To add this answer: The Javadoc (which I read after this answer :) ) explicitly states: "If the types do not match, null will be returned unless AuthenticationPrincipal.errorOnInvalidType() is true in which case a ClassCastException will be thrown." Pretty strange that the error is not the default.
  • lilalinux
    lilalinux almost 6 years
    @WimDeblauwe If you turn this comment into an answer, I'll vote up
  • Wim Deblauwe
    Wim Deblauwe almost 6 years
    @lilalinux answer added.
  • lilalinux
    lilalinux almost 6 years
    There's also a bug in Spring Boot DevTools which triggers this: stackoverflow.com/questions/35156390/… github.com/spring-projects/spring-boot/issues/5071
  • Thiago
    Thiago almost 5 years
    Thanks! If anyone is having the same problem, a simple breakpoint the method below will help: org.springframework.security.web.method.annotation.Authentic‌​ationPrincipalArgume‌​ntResolver.resolveAr‌​gument
  • Michael
    Michael over 3 years
    @Thiago That helped me solve it thank you! I'd changed to use JWT authentication so a UsernamePasswordAuthenticationToken was being passed through instead of a UserDetails object.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Spring Boot annotation @GetMapping can not be resolved to a type
Cannot get rid of "An Authentication object was not found in the SecurityContext" in a Spring Boot application without @WithMockUser
how to achieve Ldap Authentication using spring security(spring boot)
Java Spring Security - User.withDefaultPasswordEncoder() is deprecated?
Spring security 401 Unauthorized even with permitAll
How to use AuthorizationServerSecurityConfigurer?
Spring security + session : Receive "Set-Cookie" header but not set in browser
Spring Boot Security Anonymous authorization
Spring boot - return 403 Forbidden instead of redirect to login page
@WithMockUser doesn't pick Spring Security auth credentials