Spring: SecurityContextHolder.getContext().getAuthentication().getPrincipal() returns null

Question

In My MVC application, even after login when I am trying to get the principal object using,

Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();

the authentication is returned as null.

In Spring-security context,

<intercept-url pattern="/test/user/login" access="IS_AUTHENTICATED_ANONYMOUSLY" />

Servlet mapping in Web.xml:

<servlet-mapping>
        <servlet-name>appServlet</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

I am new to MVC implementation. Please help me in fixing this.

score 0 · Answer 1 · edited May 23 '17 at 11:57

0

It looks like Spring Security instantiate a new context every time there is a "redirect".
So getContext() returns a new object rather the one you used in login. Someone suggested to get the context from session.
See the answer to this post.
"Spring's SecurityContextHolder.getContext().getAuthentication() returns null after RedirectView is used in HTTPS/SSL"

edited May 23 '17 at 11:57

Community

answered Jul 22 '14 at 16:39

user2292916

1 Answers1