[jboss-jira] [JBoss JIRA] (AS7-3227) When a Stateless Session Bean is used as a REST-Resource, calling getUserPrincipal() on an injected SecurityContext sometimes returns null

Philipp Berger (Created) (JIRA) jira-events at lists.jboss.org
Mon Jan 9 12:00:12 EST 2012 

When a Stateless Session Bean is used as a REST-Resource, calling getUserPrincipal() on an injected SecurityContext sometimes returns null
------------------------------------------------------------------------------------------------------------------------------------------

                 Key: AS7-3227
                 URL: https://issues.jboss.org/browse/AS7-3227
             Project: Application Server 7
          Issue Type: Bug
          Components: EJB, REST
    Affects Versions: 7.1.0.CR1b, 7.0.2.Final
         Environment: Ubuntu Linux 11.04 64-bit, jdks 1.7.0_02 and 1.6.0_26
            Reporter: Philipp Berger
            Assignee: jaikiran pai


Considered the following stateless session bean which is propagated as a REST-Webservice:

{code:title=UserPrincipalRESTService.java|borderStyle=solid}
@Path("/test")
public interface UserPrincipalRESTService {

	@GET
	@Produces(MediaType.TEXT_PLAIN)
	String helloUser();
}
{code} 

{code:title=UserPrincipalRESTServiceImpl.java|borderStyle=solid}
@Stateless
@Local
public class UserPrincipalRESTServiceImpl implements UserPrincipalRESTService {

	@Context
	private SecurityContext securityContext;

    public String helloUser() {
		final String userName = securityContext.getUserPrincipal().getName();
		return "Hello " + userName+"!";
	}
}
{code} 

After a certain (sometimes very large) amount of GET Requests on the Resource, the injected SecurityContext's user principal suddenly is null and a NPE is thrown. Once this happened, every second call to the resource will throw a NPE until the application server is restarted.  



--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list