Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue when using @AuthenticationPrincipal on interfaces #16177

Closed
K-e-l-v-i-n-12 opened this issue Nov 26, 2024 · 1 comment · Fixed by #16245
Closed

Issue when using @AuthenticationPrincipal on interfaces #16177

K-e-l-v-i-n-12 opened this issue Nov 26, 2024 · 1 comment · Fixed by #16245
Assignees
@jzheaux
Labels
in: web An issue in web modules (web, webmvc) type: bug A general bug
Milestone
6.4.2

Comments

@K-e-l-v-i-n-12
Copy link

In the current version of Spring Security (version 6.4), a changed behavior occurs when using the @AuthenticationPrincipal annotation on an interface. If the annotation is applied directly to the concrete implementation, everything works as expected and the UserDetails object is passed correctly. However, if the annotation is applied to an interface, the implementation receives a new or empty UserDetails object.

Reproduction of the problem:
The problem can be reproduced with the example project: K-e-l-v-i-n-12/spring-security

Steps to reproduce:

  • Start the application.
  • Call http://localhost:8080/userByInterface (any username/password). The response is: Hello, null.
  • Call http://localhost:8080/userByImplementation (any username/password). The response is: Hello, test.

Actual behaviour:
If @AuthenticationPrincipal is applied to an interface, the implementation receives an empty UserDetails object.

Expected behaviour:
The UserDetails object should be passed correctly even when an interface is used.

Proposed solution:
Extend support for @AuthenticationPrincipal to interfaces.
@K-e-l-v-i-n-12 K-e-l-v-i-n-12 added status: waiting-for-triage An issue we've not yet triaged type: bug A general bug labels Nov 26, 2024
kse-music added a commit to kse-music/spring-security that referenced this issue Dec 2, 2024
@kse-music
Support @AuthenticationPrincipal on interfaces
6dfd604 
Closes spring-projectsgh-16177
@kse-music kse-music mentioned this issue Dec 2, 2024
Merged
kse-music added a commit to kse-music/spring-security that referenced this issue Dec 2, 2024
@kse-music
Support @AuthenticationPrincipal on interfaces
68dc359 
Closes spring-projectsgh-16177
kse-music added a commit to kse-music/spring-security that referenced this issue Dec 5, 2024
@kse-music
Support @AuthenticationPrincipal on interfaces
195eba4 
Closes spring-projectsgh-16177
kse-music added a commit to kse-music/spring-security that referenced this issue Dec 5, 2024
@kse-music
Support @AuthenticationPrincipal on interfaces
760ec9c 
Closes spring-projectsgh-16177
kse-music added a commit to kse-music/spring-security that referenced this issue Dec 5, 2024
@kse-music
Support @AuthenticationPrincipal on interfaces
999acf0 
Closes spring-projectsgh-16177
kse-music added a commit to kse-music/spring-security that referenced this issue Dec 6, 2024
@kse-music
Support @AuthenticationPrincipal on interfaces
4bab2ed 
Closes spring-projectsgh-16177
kse-music added a commit to kse-music/spring-security that referenced this issue Dec 6, 2024
@kse-music
Support @AuthenticationPrincipal on interfaces
5ad3baf 
Closes spring-projectsgh-16177
@jzheaux jzheaux mentioned this issue Dec 6, 2024
Closed
jzheaux added a commit that referenced this issue Dec 6, 2024
@jzheaux
Polish Tests
3d1e4b5 
Confirm that responses are a valid JSON map

Issue gh-16177
@jzheaux jzheaux closed this as completed in 87de6ce Dec 6, 2024
@jzheaux jzheaux reopened this Dec 6, 2024
@jzheaux
Copy link
Contributor

jzheaux commented Dec 6, 2024
edited
Loading

Apologies. 87de6ce was linked to the incorrect issue; it should be #16072

@jzheaux jzheaux added in: web An issue in web modules (web, webmvc) and removed status: waiting-for-triage An issue we've not yet triaged labels Dec 6, 2024
@jzheaux jzheaux added this to the 6.4.2 milestone Dec 6, 2024
kse-music added a commit to kse-music/spring-security that referenced this issue Dec 7, 2024
@kse-music
Support @AuthenticationPrincipal on interfaces
3a20373 
Closes spring-projectsgh-16177
kse-music added a commit to kse-music/spring-security that referenced this issue Dec 7, 2024
@kse-music
Support @AuthenticationPrincipal on interfaces
1f052b9 
Closes spring-projectsgh-16177
@jzheaux jzheaux mentioned this issue Dec 9, 2024
Merged
jzheaux pushed a commit to kse-music/spring-security that referenced this issue Dec 9, 2024
@kse-music @jzheaux
Restore Method Parameter Inheritance Support
dc96807 
Closes spring-projectsgh-16177
jzheaux added a commit to kse-music/spring-security that referenced this issue Dec 10, 2024
@jzheaux
Added Testing
8018b0e 
Issue spring-projectsgh-16177
jzheaux pushed a commit that referenced this issue Dec 10, 2024
@kse-music @jzheaux
Restore Method Parameter Inheritance Support
f565b23 
Closes gh-16177
jzheaux added a commit that referenced this issue Dec 10, 2024
@jzheaux
Added Testing
4cbaabb 
Issue gh-16177
@jzheaux jzheaux self-assigned this Dec 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jzheaux jzheaux

Labels
in: web An issue in web modules (web, webmvc) type: bug A general bug
Projects
None yet
Milestone
6.4.2
Development

Successfully merging a pull request may close this issue.

Restore @AuthenticationPrincipal/@CurrentSecurityContext Interface Support kse-music/spring-security
2 participants
@jzheaux @K-e-l-v-i-n-12