Skip to content

Spring Session integration only supports User as the principal #4252

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
fpavageau opened this issue Mar 17, 2017 · 0 comments · Fixed by #4253
Closed

Spring Session integration only supports User as the principal #4252

fpavageau opened this issue Mar 17, 2017 · 0 comments · Fixed by #4253
Assignees
@rwinch
Labels
in: core An issue in spring-security-core type: bug A general bug
Milestone
5.0.0.RC1

Comments

@fpavageau
Copy link
Contributor

Summary

In a Spring Boot application using both Spring Security and Spring Session (with Redis and JSON serialization), a UsernamePasswordAuthenticationToken with a custom class as the principal can be serialized, but not deserialized.

Actual Behavior

The deserialization produces the following error:

Could not read JSON: Unexpected token (END_OBJECT), expected FIELD_NAME: missing property '@Class' that is to contain type id (for class java.lang.Object)\n at [Source: N/A; line: -1, column: -1] (through reference chain: org.springframework.security.core.context.SecurityContextImpl["authentication"]); nested exception is com.fasterxml.jackson.databind.JsonMappingException: Unexpected token (END_OBJECT), expected FIELD_NAME: missing property '@Class' that is to contain type id (for class java.lang.Object)
at [Source: N/A; line: -1, column: -1] (through reference chain: org.springframework.security.core.context.SecurityContextImpl["authentication"])

Expected Behavior

Not getting an error when the session is deserialized from Redis.

Configuration

N/A

Version

Spring Security 4.2.2
Spring Session 1.3.0

Sample

N/A
@fpavageau fpavageau mentioned this issue Mar 17, 2017
Merged
1 task
@rwinch rwinch self-assigned this Oct 30, 2017
@rwinch rwinch added type: bug A general bug in: core An issue in spring-security-core labels Oct 30, 2017
@rwinch rwinch added this to the 5.0.0.RC1 milestone Oct 30, 2017
@fpavageau fpavageau mentioned this issue Oct 30, 2017
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rwinch rwinch

Labels
in: core An issue in spring-security-core type: bug A general bug
Projects
None yet
Milestone
5.0.0.RC1
Development

Successfully merging a pull request may close this issue.

Replace improper JsonNode.toString() in Jackson support fpavageau/spring-security
2 participants
@rwinch @fpavageau