SEC-1857: ContextPropagatingRemoteInvocation does not correctly propagate the principal #2092

spring-issuemaster opened this Issue Nov 10, 2011 · 1 comment


None yet

1 participant


Wayne Robinson (Migrated from SEC-1857) said:

ContextPropagatingRemoteInvocation was changed so that the principal and credentials were propagated via the toString method (see, as follows:

principal = currentUser.getPrincipal().toString();
credentials = currentUser.getCredentials().toString();

However, this only works if the toString method actually returns the principals name and in the case of principal of type it returns a description of the User object, not the name.

I suggest the solution is as follows (it works for me at least):

principal = currentUser.getName();
credentials = currentUser.getCredentials().toString();

Any more info required just let me know.


Luke Taylor said:

This seems like a good idea. I've made the suggested change.

@spring-issuemaster spring-issuemaster added this to the 3.1.0 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment