Actions
bug #6885
openUserService.loadUserByUsername() cannot find user in long running session
Start date:
Due date:
% Done:
0%
Estimated time:
Severity:
normal
Found in Version:
Description
When UserService.loadUserByUsername() in a long running session which is managed through the ConversationHolder, the user is never found.
This can breaks login attempts made from within the conversation since loadUserByUsername() is being used in the DaoAuthenticationProvider:
protected final UserDetails retrieveUser(String username,
UsernamePasswordAuthenticationToken authentication)
throws AuthenticationException {
UserDetails loadedUser;
try {
loadedUser = this.getUserDetailsService().loadUserByUsername(username);
}
catch (UsernameNotFoundException notFound) {
if (authentication.getCredentials() != null) {
String presentedPassword = authentication.getCredentials().toString();
passwordEncoder.isPasswordValid(userNotFoundEncodedPassword,
presentedPassword, null);
}
throw notFound;
}
Related issues
Updated by Andreas Kohlbecker over 5 years ago
- Related to bug #6886: Entity creation for users having only CREATE may fail in long running conversations added
Updated by Andreas Müller over 5 years ago
Is this still an open issue after now not using long running sessions in Vaadin anymore? If not, can we set to Rejected? If yes, can you provide more information or a cdmlib test which describes the problem.
Actions