Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

SpelEvaluationException: EL1007E:(pos 43): Field or property 'group' cannot be found on null

I have SPRING METHOD security fully configured for my web application. (with PRE/POST annotations enabled).

However recently I encountered a strange issue with them. Summary as follows:

  1. Summary of POJOS

    // User Class
    public class User {
        int id;
        String name;
        // getters and setters
    }
    
    // Group Class
    public class Group {
        int id;
        String name;
        // getters and setters
    }
    
    // GroupMembership class
    public class GroupMembership {
        private int id;
        private User user;
        private Group group;
        // getters and setters
    }
    
  2. PreAuthorise filter on method .

    @PreAuthorize("canIEditGroupProfile(#membership.group.id)")
    public int updateGroupMembership(GroupMembership membership)
        throws GroupsServiceException;
    

Upon passing a fully populated GroupMembership object (proper user and group compositions present), the security filter throws following exception:

errorMessage: "Failed to evaluate expression
    canIEditGroupProfile(#membership.group.id)'"

Upon digging into the exception:

The cause is found to be:

org.springframework.expression.spel.SpelEvaluationException:
    EL1007E:(pos 33): Field or property 'group' cannot be found on null

Please provide pointers to address the same.

like image 459
hemantvsn Avatar asked Apr 09 '14 10:04

hemantvsn


2 Answers

getter/setters seems fine... also no case of null.

However a interesting observation; this one gives me an error:

@PreAuthorize("canIEditGroupProfile(#membership.group.id)")
public int updateGroupMembership(GroupMembership membership)
    throws GroupsServiceException; 

This works fine:

@PreAuthorize("canIEditGroupProfile(#groupmembership.group.id)")
public int updateGroupMembership(GroupMembership groupmembership)
    throws GroupsServiceException;

Further I observed, the parameter name was mismatching in case of first (i.e Service and ServiceImpl both had different parameter names).

Now maintaining the uniformity, the issue seems to be fixed.

like image 58
hemantvsn Avatar answered Oct 30 '22 09:10

hemantvsn


I got the same issue in my Spring Boot application. It turned out that I was compiling without my debug symbols information, as it is mentioned in a comment above. I would like to remark that I could fix the issue in two ways:

1.(My favourite one): Just include this in your pom.xml --> plugins

<plugin>
    <groupId>org.apache.maven.plugins</groupId>
    <artifactId>maven-compiler-plugin</artifactId>
    <configuration>
       <compilerArgument>-parameters</compilerArgument>
       <testCompilerArgument>-parameters</testCompilerArgument>
    </configuration>
</plugin>
  1. If you are using Java 1.8 and Eclipse as an IDE, go to your Project Properties --> Java Compile --> check "Store information about method parameters (usable via reflection)".

I found really interesting this link to know more about the issue.

Hope it helps!

like image 39
alonso_50 Avatar answered Oct 30 '22 08:10

alonso_50