I have a Spring Boot 3.3.0 application.
This code works, but when I go to any other endpoint, and the cookies are already set, then principal == null.
How can I make the Principal available in the second endpoint too? How can I make the authorization persistent?
```java
@RequestMapping(method = RequestMethod.GET)
public @ResponseBody String anonAuth(
        Principal principal,
        HttpServletRequest request,
        HttpServletResponse response
) throws Exception {
    AppUser user;
    if (principal != null) {
        // Already authenticated: load the existing user
        user = userRepository.findByUsername(principal.getName()).orElseThrow();
    } else {
        // No principal: create a new user with random credentials
        user = new AppUser();
        user.setUsername(UUID.randomUUID().toString());
        user.setPassword(UUID.randomUUID().toString());
        // Put an anonymous token for this user into the current security context
        AnonymousAuthenticationToken token = new AnonymousAuthenticationToken(
                "anonymous", user.getUsername(), user.getAuthorities());
        SecurityContext context = SecurityContextHolder.getContext();
        context.setAuthentication(token);
    }
    userRepository.save(user);
    Authentication currentAuth = SecurityContextHolder.getContext().getAuthentication();
    return "Hello, " + currentAuth.getName() + "! Your authorities are: " + currentAuth.getAuthorities();
}
```
It returns:

```
Hello, 83d24a72-8e63-4f97-8dd1-eb47ac1b7d5f! Your authorities are: [entity.AppUser$$Lambda/0x000076007cb7e000@5a7f3805]
```

My test endpoint:
```java
@GetMapping("/test")
public String userInfoDtoTest(Principal principal) {
    if (Objects.isNull(principal)) {
        log.error("Principal is null");
    }
    Authentication currentAuth = SecurityContextHolder.getContext().getAuthentication();
    log.info("Hello, " + currentAuth.getName() + "! Your authorities are: " + currentAuth.getAuthorities());
    return currentAuth.getName();
}
```
Logs:

```
ERROR 200361 --- [nio-8494-exec-6] UserController : Principal is null
INFO 200361 --- [nio-8494-exec-6] UserController : Hello, anonymousUser! Your authorities are: [ROLE_ANONYMOUS]
```
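
One way to keep such a guest signed in across requests, as an added example that is not part of the original post: Spring Security treats an `AnonymousAuthenticationToken` as unauthenticated, so `Principal` resolves to `null` and the context is not kept in the session, and since Spring Security 6 a context set by hand has to be saved explicitly. The class name, the `/guest` path and the `ROLE_GUEST` authority are assumptions, as is a default session-based (not stateless) filter chain.

```java
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.security.Principal;
import java.util.List;
import java.util.UUID;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.security.web.context.SecurityContextRepository;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class GuestLoginController { // hypothetical class, not from the post

    // Session-backed repository: later requests read the context back from the HTTP session.
    private final SecurityContextRepository contextRepository =
            new HttpSessionSecurityContextRepository();

    @GetMapping("/guest") // hypothetical path
    public String guestLogin(Principal principal,
                             HttpServletRequest request,
                             HttpServletResponse response) {
        if (principal != null) {
            // The session already carries a non-anonymous authentication.
            return "Hello again, " + principal.getName();
        }

        // Generated guest identity; saving the matching AppUser would go here, as in the post.
        String username = UUID.randomUUID().toString();

        // A non-anonymous, already-authenticated token (ROLE_GUEST is an assumed authority).
        Authentication auth = UsernamePasswordAuthenticationToken.authenticated(
                username, null, List.of(new SimpleGrantedAuthority("ROLE_GUEST")));

        // Use a fresh context rather than mutating the shared one.
        SecurityContext context = SecurityContextHolder.createEmptyContext();
        context.setAuthentication(auth);
        SecurityContextHolder.setContext(context);

        // Explicit save: without it the context is gone when the request ends.
        contextRepository.saveContext(context, request, response);
        return "Hello, " + auth.getName();
    }
}
```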