Re: [keycloak-user] Spring Security Adapter working but no Principal
Hi,
cant provide that but after extensive debugging we know the problem.
Had nothing to do with Keycloak Spring Adapter but a Hystrix
Annotation on the Spring Controller. Hystrix dispatches to a whole new
thread and this breaks the SecurityContextHolder which is of course
ThreadLocal based.
We removed the hystrix stuff for now and will investigate that later on.
marc
2018-04-04 11:24 GMT+02:00 Sebastien Blanc <sblanc(a)redhat.com>:
Do you have a sample project shared somewhere to reproduce this ?
On Wed, Apr 4, 2018 at 11:14 AM, Marc Logemann <marc.logemann(a)gmail.com>
wrote:
>
> Hi,
>
> i have a weird thing going on. My keycloak Spring Security adapter
> works as expected. But i am unable to retrieve the principal. I am
> requesting a REST service with a valid Bearer Token. In the REST
> controller i want to see the principal via:
>
> Principal userPrincipal = request.getUserPrincipal();
>
> or
>
> Authentication authentication =
> SecurityContextHolder.getContext().getAuthentication();
> String currentPrincipalName = authentication.getName();
>
> But everything is null. Funny thing is, the Keycloak Filter set the
> Authentication correctly but at the end, in my controller, its not
> there anymore.
>
> here is my filter list:
>
> Security filter chain: [
> WebAsyncManagerIntegrationFilter
> SecurityContextPersistenceFilter
> HeaderWriterFilter
> KeycloakPreAuthActionsFilter
> LogoutFilter
> KeycloakAuthenticationProcessingFilter
> RequestCacheAwareFilter
> SecurityContextHolderAwareRequestFilter
> AnonymousAuthenticationFilter
> SessionManagementFilter
> ExceptionTranslationFilter
> FilterSecurityInterceptor
> ]
>
> Has anyone experienced something like this or has an idea?
>
> Thanks
> Marc
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user