You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Lance Hill <la...@baldhead.com> on 2010/03/17 15:51:33 UTC
SecurityContextHolder.getContext().getAuthentication() returning null
I am trying to get access to the currently logged in user, but when I call
SecurityContextHolder.getContext().getAuthentication(), the Authentication
returned is null. I am assuming the user is logged in since they have access
to the secure page I am testing, but I don't know how to tell for sure since
I cannot access the Authentication object.
Any hints about why SecurityContextHolder.getContext().getAuthentication()
would return a null?
RE: SecurityContextHolder.getContext().getAuthentication()
returning null
Posted by "Hoying, Ken" <Ke...@PremierInc.com>.
Check your filter order. I cannot recall if it is the filters are chained by the filter declaration order of the filter mapping order.
-----Original Message-----
From: Lance Hill [mailto:lance@baldhead.com]
Sent: Wednesday, March 17, 2010 12:08 PM
To: 'Struts Users Mailing List'; lukasz.lenart@gmail.com
Subject: RE: SecurityContextHolder.getContext().getAuthentication() returning null
I'm using Spring 3/Spring Security 3.
I tried using <security:authentication property="principal.username"/> on the protected page and the username actually appears when I go directly to http://localhost/jsp/hello.jsp.
If I go to http://localhost/hello.action, the <security:authentication property="principal.username"/> tag renders nothing and SecurityContextHolder.getContext().getAuthentication() returns a null value.
Here is my struts.xml
<struts>
<package name="myPackage" extends="struts-default">
<action name="hello" class="helloAction">
<result>/jsp/hello.jsp</result>
</action>
</package>
</struts>
And my web.xml
<!-- Filters -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter>
<filter-name>action2-cleanup</filter-name>
<filter-class>org.apache.struts2.dispatcher.ActionContextCleanUp</filter-class>
</filter>
<filter>
<filter-name>sitemesh</filter-name>
<filter-class>com.opensymphony.module.sitemesh.filter.PageFilter</filter-class>
</filter>
<filter>
<filter-name>action2</filter-name>
<filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class>
</filter>
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<!-- -->
<filter-mapping>
<filter-name>action2-cleanup</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>sitemesh</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>action2</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- -->
<!-- Listeners -->
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.apache.tiles.web.startup.TilesListener</listener-class>
</listener>
<!-- Servlets -->
<servlet>
<servlet-name>dwr</servlet-name>
<servlet-class>uk.ltd.getahead.dwr.DWRServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>true</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>jspSupportServlet</servlet-name>
<servlet-class>org.apache.struts2.views.JspSupportServlet</servlet-class>
<load-on-startup>5</load-on-startup>
</servlet>
<servlet>
<servlet-name>tiles</servlet-name>
<servlet-class>org.apache.tiles.web.startup.TilesServlet</servlet-class>
<init-param>
<param-name>org.apache.tiles.impl.BasicTilesContainer.DEFINITIONS_CONFIG</param-name>
<param-value>/WEB-INF/tiles-defs.xml</param-value>
</init-param>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dwr</servlet-name>
<url-pattern>/dwr/*</url-pattern>
</servlet-mapping>
<!-- Welcome file lists -->
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.jsp</welcome-file>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
<error-page>
<error-code>403</error-code>
<location>/403.jsp</location>
</error-page>
-----Original Message-----
From: Lukasz Lenart [mailto:lukasz.lenart@googlemail.com]
Sent: Wednesday, March 17, 2010 11:52 AM
To: Struts Users Mailing List
Subject: Re: SecurityContextHolder.getContext().getAuthentication() returning null
2010/3/17 Lance Hill <la...@baldhead.com>:
> Any hints about why SecurityContextHolder.getContext().getAuthentication()
> would return a null?
Spring version? Configuration? Did you try the simplest possible setup?
Regards
--
Łukasz
http://www.lenart.org.pl/
Kapituła Javarsovia 2010
http://javarsovia.pl
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
RE: SecurityContextHolder.getContext().getAuthentication() returning null
Posted by Lance Hill <la...@baldhead.com>.
I'm using Spring 3/Spring Security 3.
I tried using <security:authentication property="principal.username"/> on the protected page and the username actually appears when I go directly to http://localhost/jsp/hello.jsp.
If I go to http://localhost/hello.action, the <security:authentication property="principal.username"/> tag renders nothing and SecurityContextHolder.getContext().getAuthentication() returns a null value.
Here is my struts.xml
<struts>
<package name="myPackage" extends="struts-default">
<action name="hello" class="helloAction">
<result>/jsp/hello.jsp</result>
</action>
</package>
</struts>
And my web.xml
<!-- Filters -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter>
<filter-name>action2-cleanup</filter-name>
<filter-class>org.apache.struts2.dispatcher.ActionContextCleanUp</filter-class>
</filter>
<filter>
<filter-name>sitemesh</filter-name>
<filter-class>com.opensymphony.module.sitemesh.filter.PageFilter</filter-class>
</filter>
<filter>
<filter-name>action2</filter-name>
<filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class>
</filter>
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<!-- -->
<filter-mapping>
<filter-name>action2-cleanup</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>sitemesh</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>action2</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- -->
<!-- Listeners -->
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.apache.tiles.web.startup.TilesListener</listener-class>
</listener>
<!-- Servlets -->
<servlet>
<servlet-name>dwr</servlet-name>
<servlet-class>uk.ltd.getahead.dwr.DWRServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>true</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>jspSupportServlet</servlet-name>
<servlet-class>org.apache.struts2.views.JspSupportServlet</servlet-class>
<load-on-startup>5</load-on-startup>
</servlet>
<servlet>
<servlet-name>tiles</servlet-name>
<servlet-class>org.apache.tiles.web.startup.TilesServlet</servlet-class>
<init-param>
<param-name>org.apache.tiles.impl.BasicTilesContainer.DEFINITIONS_CONFIG</param-name>
<param-value>/WEB-INF/tiles-defs.xml</param-value>
</init-param>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dwr</servlet-name>
<url-pattern>/dwr/*</url-pattern>
</servlet-mapping>
<!-- Welcome file lists -->
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.jsp</welcome-file>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
<error-page>
<error-code>403</error-code>
<location>/403.jsp</location>
</error-page>
-----Original Message-----
From: Lukasz Lenart [mailto:lukasz.lenart@googlemail.com]
Sent: Wednesday, March 17, 2010 11:52 AM
To: Struts Users Mailing List
Subject: Re: SecurityContextHolder.getContext().getAuthentication() returning null
2010/3/17 Lance Hill <la...@baldhead.com>:
> Any hints about why SecurityContextHolder.getContext().getAuthentication()
> would return a null?
Spring version? Configuration? Did you try the simplest possible setup?
Regards
--
Łukasz
http://www.lenart.org.pl/
Kapituła Javarsovia 2010
http://javarsovia.pl
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: SecurityContextHolder.getContext().getAuthentication() returning
null
Posted by Lukasz Lenart <lu...@googlemail.com>.
2010/3/17 Lance Hill <la...@baldhead.com>:
> Any hints about why SecurityContextHolder.getContext().getAuthentication()
> would return a null?
Spring version? Configuration? Did you try the simplest possible setup?
Regards
--
Łukasz
http://www.lenart.org.pl/
Kapituła Javarsovia 2010
http://javarsovia.pl
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org