0

Spring security doesn't return user inside event listener

asked 2013-02-24 19:12:08 +0800

siarheinavatski gravatar image siarheinavatski
3 1

Hi all.
I have app with ZK and Spring Security. I logged in application through spring security mechanism. On index page I have some components which are created dynamically. "A" component has click listener;

**point1**
userComponent = new A("link");
userComponent.addEventListener(Events.ON_CLICK, new EventListener<Event>() {

    public void onEvent(Event event) throws Exception {
        **point2**
        //do something with current user
    }
});

In point1 I try to get current user with Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); It's work perfect and I receive logged user. But in point2 SecurityContextHolder.getContext().getAuthentication() returns null. How to get current user inside on click event?

Maybe stack traces can help. I see no SecurityFilters in stacktrace to point2

This is stack trace to point1

Thread [qtp2047697789-24] (Suspended (breakpoint at line 50 in DataObjectCellsModel))   
RolesCellsModel(DataObjectCellsModel<E>).render(Row, E, int) line: 50   
RolesCellsModel(DataObjectCellsModel<E>).render(Row, Object, int) line: 1   
Grid$Renderer.render(Row, int) line: 1009   
Grid.doInitRenderer() line: 900 
Grid.onInitRender() line: 859   
NativeMethodAccessorImpl.invoke0(Method, Object, Object[]) line: not available [native method]  
NativeMethodAccessorImpl.invoke(Object, Object[]) line: 39  
DelegatingMethodAccessorImpl.invoke(Object, Object[]) line: 25  
Method.invoke(Object, Object...) line: 597  
Grid(AbstractComponent).service(Event, Scope, List<EventListenerInfo>, EventHandler, Method, boolean) line: 2718    
Grid(AbstractComponent).service(Event, Scope) line: 2648    
EventProcessor.process() line: 136  
UiEngineImpl.processEvent(Desktop, Component, Event) line: 1702 
UiEngineImpl.process(Desktop, Event) line: 1487 
UiEngineImpl.execNewPage0(Execution, PageDefinition, Richlet, Page, Writer) line: 463   
UiEngineImpl.execNewPage(Execution, PageDefinition, Page, Writer) line: 316 
DHtmlLayoutServlet.process(Session, HttpServletRequest, HttpServletResponse, String, boolean) line: 215 
DHtmlLayoutServlet.doGet(HttpServletRequest, HttpServletResponse) line: 135 
DHtmlLayoutServlet(HttpServlet).service(HttpServletRequest, HttpServletResponse) line: 735  
DHtmlLayoutServlet(HttpServlet).service(ServletRequest, ServletResponse) line: 848  
ServletHolder.handle(Request, ServletRequest, ServletResponse) line: 669    
ServletHandler.doHandle(String, Request, HttpServletRequest, HttpServletResponse) line: 457 
ServletHandler(ScopedHandler).handle(String, Request, HttpServletRequest, HttpServletResponse) line: 137    
ConstraintSecurityHandler(SecurityHandler).handle(String, Request, HttpServletRequest, HttpServletResponse) line: 575   
SessionHandler.doHandle(String, Request, HttpServletRequest, HttpServletResponse) line: 231 
JettyWebAppContext(ContextHandler).doHandle(String, Request, HttpServletRequest, HttpServletResponse) line: 1075    
ServletHandler.doScope(String, Request, HttpServletRequest, HttpServletResponse) line: 384  
SessionHandler.doScope(String, Request, HttpServletRequest, HttpServletResponse) line: 193  
JettyWebAppContext(ContextHandler).doScope(String, Request, HttpServletRequest, HttpServletResponse) line: 1009 
JettyWebAppContext(ScopedHandler).handle(String, Request, HttpServletRequest, HttpServletResponse) line: 135    
Dispatcher.forward(ServletRequest, ServletResponse, DispatcherType) line: 276   
Dispatcher.forward(ServletRequest, ServletResponse) line: 103   
DefaultServlet.doGet(HttpServletRequest, HttpServletResponse) line: 566 
DefaultServlet(HttpServlet).service(HttpServletRequest, HttpServletResponse) line: 735  
DefaultServlet(HttpServlet).service(ServletRequest, ServletResponse) line: 848  
ServletHolder.handle(Request, ServletRequest, ServletResponse) line: 669    
ServletHandler$CachedChain.doFilter(ServletRequest, ServletResponse) line: 1448 
FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 330 
FilterSecurityInterceptor.invoke(FilterInvocation) line: 118    
FilterSecurityInterceptor.doFilter(ServletRequest, ServletResponse, FilterChain) line: 84   
FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 342 
ExceptionTranslationFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 113 
FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 342 
SessionManagementFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 103    
FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 342 
AnonymousAuthenticationFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 113  
FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 342 
SecurityContextHolderAwareRequestFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 54 
FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 342 
RequestCacheAwareFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 45 
FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 342 
BasicAuthenticationFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 150  
FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 342 
UsernamePasswordAuthenticationFilter(AbstractAuthenticationProcessingFilter).doFilter(ServletRequest, ServletResponse, FilterChain) line: 183   
FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 342 
LogoutFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 105   
FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 342 
SecurityContextPersistenceFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 87    
FilterChainProxy$VirtualFilterChain.doFilter(ServletRequest, ServletResponse) line: 342 
FilterChainProxy.doFilterInternal(ServletRequest, ServletResponse, FilterChain) line: 192   
FilterChainProxy.doFilter(ServletRequest, ServletResponse, FilterChain) line: 160   
DelegatingFilterProxy.invokeDelegate(Filter, ServletRequest, ServletResponse, FilterChain) line: 237    
DelegatingFilterProxy.doFilter(ServletRequest, ServletResponse, FilterChain) line: 167  
ServletHandler$CachedChain.doFilter(ServletRequest, ServletResponse) line: 1419 
ServletHandler.doHandle(String, Request, HttpServletRequest, HttpServletResponse) line: 455 
ServletHandler(ScopedHandler).handle(String, Request, HttpServletRequest, HttpServletResponse) line: 137    
ConstraintSecurityHandler(SecurityHandler).handle(String, Request, HttpServletRequest, HttpServletResponse) line: 557   
SessionHandler.doHandle(String, Request, HttpServletRequest, HttpServletResponse) line: 231 
JettyWebAppContext(ContextHandler).doHandle(String, Request, HttpServletRequest, HttpServletResponse) line: 1075    
ServletHandler.doScope(String, Request, HttpServletRequest, HttpServletResponse) line: 384  
SessionHandler.doScope(String, Request, HttpServletRequest, HttpServletResponse) line: 193  
JettyWebAppContext(ContextHandler).doScope(String, Request, HttpServletRequest, HttpServletResponse) line: 1009 
JettyWebAppContext(ScopedHandler).handle(String, Request, HttpServletRequest, HttpServletResponse) line: 135    
ContextHandlerCollection.handle(String, Request, HttpServletRequest, HttpServletResponse) line: 255 
HandlerCollection.handle(String, Request, HttpServletRequest, HttpServletResponse) line: 154    
JettyServer(HandlerWrapper).handle(String, Request, HttpServletRequest, HttpServletResponse) line: 116  
JettyServer(Server).handle(AbstractHttpConnection) line: 368    
AsyncHttpConnection(AbstractHttpConnection).handleRequest() line: 488   
AsyncHttpConnection(AbstractHttpConnection).headerComplete() line: 932  
AbstractHttpConnection$RequestHandler.headerComplete() line: 994    
HttpParser.parseNext() line: 640    
HttpParser.parseAvailable() line: 235   
AsyncHttpConnection.handle() line: 82   
SelectChannelEndPoint.handle() line: 628    
SelectChannelEndPoint$1.run() line: 52  
QueuedThreadPool.runJob(Runnable) line: 608 
QueuedThreadPool$3.run() line: 543  
Thread.run() line: 662

and stack trace to point2

DataObjectCellsModel$1.onEvent(Event) line: 54  
AbstractComponent.onEvent(EventListener, Event) line: 2736  
A(AbstractComponent).service(Event, Scope, List<EventListenerInfo>, EventHandler, Method, boolean) line: 2707   
A(AbstractComponent).service(Event, Scope) line: 2648   
EventProcessor.process() line: 136  
UiEngineImpl.processEvent(Desktop, Component, Event) line: 1702 
UiEngineImpl.process(Desktop, Event) line: 1487 
UiEngineImpl.execUpdate(Execution, List<AuRequest>, AuWriter) line: 1204    
DHtmlUpdateServlet.process(Session, HttpServletRequest, HttpServletResponse) line: 558  
DHtmlUpdateServlet.doGet(HttpServletRequest, HttpServletResponse) line: 456 
DHtmlUpdateServlet.doPost(HttpServletRequest, HttpServletResponse) line: 464    
DHtmlUpdateServlet(HttpServlet).service(HttpServletRequest, HttpServletResponse) line: 755  
DHtmlUpdateServlet(HttpServlet).service(ServletRequest, ServletResponse) line: 848  
ServletHolder.handle(Request, ServletRequest, ServletResponse) line: 669    
ServletHandler$CachedChain.doFilter(ServletRequest, ServletResponse) line: 1448 
FilterChainProxy.doFilterInternal(ServletRequest, ServletResponse, FilterChain) line: 186   
FilterChainProxy.doFilter(ServletRequest, ServletResponse, FilterChain) line: 160   
DelegatingFilterProxy.invokeDelegate(Filter, ServletRequest, ServletResponse, FilterChain) line: 237    
DelegatingFilterProxy.doFilter(ServletRequest, ServletResponse, FilterChain) line: 167  
ServletHandler$CachedChain.doFilter(ServletRequest, ServletResponse) line: 1419 
ServletHandler.doHandle(String, Request, HttpServletRequest, HttpServletResponse) line: 455 
ServletHandler(ScopedHandler).handle(String, Request, HttpServletRequest, HttpServletResponse) line: 137    
ConstraintSecurityHandler(SecurityHandler).handle(String, Request, HttpServletRequest, HttpServletResponse) line: 557   
SessionHandler.doHandle(String, Request, HttpServletRequest, HttpServletResponse) line: 231 
JettyWebAppContext(ContextHandler).doHandle(String, Request, HttpServletRequest, HttpServletResponse) line: 1075    
ServletHandler.doScope(String, Request, HttpServletRequest, HttpServletResponse) line: 384  
SessionHandler.doScope(String, Request, HttpServletRequest, HttpServletResponse) line: 193  
JettyWebAppContext(ContextHandler).doScope(String, Request, HttpServletRequest, HttpServletResponse) line: 1009 
JettyWebAppContext(ScopedHandler).handle(String, Request, HttpServletRequest, HttpServletResponse) line: 135    
ContextHandlerCollection.handle(String, Request, HttpServletRequest, HttpServletResponse) line: 255 
HandlerCollection.handle(String, Request, HttpServletRequest, HttpServletResponse) line: 154    
JettyServer(HandlerWrapper).handle(String, Request, HttpServletRequest, HttpServletResponse) line: 116  
JettyServer(Server).handle(AbstractHttpConnection) line: 368    
AsyncHttpConnection(AbstractHttpConnection).handleRequest() line: 488   
AsyncHttpConnection(AbstractHttpConnection).content(Buffer) line: 943   
AbstractHttpConnection$RequestHandler.content(Buffer) line: 1004    
HttpParser.parseNext() line: 861    
HttpParser.parseAvailable() line: 240   
AsyncHttpConnection.handle() line: 82   
SelectChannelEndPoint.handle() line: 628    
SelectChannelEndPoint$1.run() line: 52  
QueuedThreadPool.runJob(Runnable) line: 608 
QueuedThreadPool$3.run() line: 543  
Thread.run() line: 662
delete flag offensive retag edit

Comments

Have you enabled ZK Event thread? If so then disable it as Spring Security maintains user context information in servlet thread whereas if you have enabled ZK event threads then that information will not be copied over to event threads (Note: By default event threads are disabled since ZK 5+ versio)

ashishd ( 2013-02-25 01:48:03 +0800 )edit

ZK event thread is disabled by default. My spring security configuration is http://pastebin.com/cyLtJLwC , zk.xml is empty - only <zk></zk> Maybe it is incompatibility of libraries - I use spring-3.0.7, spring-security-3.1.3, zk-6.0.1, zkspring-core-3.1.1, zkspring-security-3.1.1

siarheinavatski ( 2013-02-27 23:27:34 +0800 )edit
Be the first one to answer this question!
Please start posting your answer anonymously - your answer will be saved within the current session and published after you log in or create a new account. Please try to give a substantial answer, for discussions, please use comments and please do remember to vote (after you log in)!

[hide preview]

Question tools

Follow
1 follower

RSS

Stats

Asked: 2013-02-24 19:12:08 +0800

Seen: 27 times

Last updated: Feb 24 '13

Related questions

Not able to bind Spring beans after zk upgrade

Spring AOP in ViewModel

Integrate Spring 3 MVC with Zk

secure login

configuring authentication with jaas

Spring security logout keeps processing...

How to properly wire variable?

ZK Spring (ZK + Spring MVC) is RESTful?

Spring WebApplicationInitializer and ZK

how to get spring security session from zk controller ?

About Us | Faq | Help | Privacy Policy | Contact Us
Copyright Potix Corporation 2015.
Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
Support Options
  • Email Support
  • Training
  • Consulting
  • Outsourcing
Learn More