Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Spring Security - Authentication's username is null in AuthenticationSuccessHandler

Tags:

java

authentication

null

spring

spring-security

I have a Customer class which has all the account info.(it does NOT extend Spring's userdetails.User class) I'm trying to do some stuff after a successful login (e.g. set new last login time). To achieve this I set up a custom AuthenticationSuccessHandler.

In the onAuthenticationSuccess method I try to get the username from the Authentication object. This object however is a User object. If I try to get the username from it I get null. Can I somehow manage to make the Authority object a Customer object? Or does my Customer class have to extend the User class?

Update

Some more details:

I have my User class. It is completely self written and doesn't implement or extend any interface/class. I do not have a class that implements a UserDetailsService. The <form-login> part of my applicationContext-security.xml looks like this:

<form-login login-page="/index.htm"
                authentication-success-handler-ref='authSuccHandler'
                authentication-failure-handler-ref='authFailureHandler'
                default-target-url='/library/login.htm'
                always-use-default-target='true'/>

Theh authSuccHandler looks like this: (The necessary bean definition is in place)

public class PostSuccessfulAuthenticationHandler extends  SimpleUrlAuthenticationSuccessHandler 
{
@Autowired
private UserService userService;

@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws ServletException, IOException 
        {
            userService.trackUserLogin(authentication.getName()); //NullPointerException
            super.onAuthenticationSuccess(request, response, authentication);
        }
}

The form redirects to j_spring_security_check

like image 506
tschaei Avatar asked Apr 27 '26 08:04

tschaei

2 Answers

Authentication cannot be User, since they don't inherit each other.

If your UserDetailsService produces a custom UserDetails, you should be able to obtain it by calling getDetails() on Authentication.

like image 136
axtavt Avatar answered Apr 28 '26 21:04

axtavt

When the request comes into the authentication success handler, it expects you to redirect to the desired URL. Use the following to redirect to the desired page like home.htm. This will work definitely! The modified code is given below. Check it and let me know if you have any issues.

 public class PostSuccessfulAuthenticationHandler extends  SimpleUrlAuthenticationSuccessHandler 
  {
        @Autowired
        private UserService userService;

        @Override
        public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
    Authentication authentication) throws ServletException, IOException 
    {
        userService.trackUserLogin(authentication.getName()); //NullPointerException
        response.sendRedirect("home.htm");
        //super.onAuthenticationSuccess(request, response, authentication);
    }
}
like image 21
Balasubramanian Jayaraman Avatar answered Apr 28 '26 22:04

Balasubramanian Jayaraman

Sign in to Comment

Related questions

Accessing Gmail emails in Android
How to write content to a file
how to check if a specific instance of a class is running in java?
Using Hibernate to migrate data
Sign Office documents (with a certificate) by code

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!