https://connect.hyland.com/t5/alfresco-archive/authenticateduserid-no-set-in-rest-5-16-4/m-p/199110#M152240 <HTML><HEAD></HEAD><BODY><SPAN>Wow - very good catch!</SPAN><BR /><BR /><SPAN>We eventually went with&nbsp; .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) instead of disable().</SPAN><BR /><SPAN>This also allows to keep the securityContext() enabled, which might come in handy one day.</SPAN><BR /><BR /><SPAN>It's fixed here: </SPAN><A href="https://github.com/Activiti/Activiti/commit/3bb10cf9e44f531d70d09b05fc6916acf3e4b2a2" rel="nofollow noopener noreferrer">https://github.com/Activiti/Activiti/commit/3bb10cf9e44f531d70d09b05fc6916acf3e4b2a2</A><BR /><BR /><SPAN>It's a bug commit, cause we wanted to make sure we catch this error in test, so we refactored from using a new HttpClient instance for each call to using a shared one for all tests (which indeed highlighted your issue and didn't show it before).</SPAN><BR /><BR /><SPAN>This post is exactly one of the reasons why I keep visiting the forum every day. Really nice catch. Thanks!</SPAN></BODY></HTML> Mon, 27 Oct 2014 18:25:28 GMT jbarrez 2014-10-27T18:25:28Z https://connect.hyland.com/t5/alfresco-archive/authenticateduserid-no-set-in-rest-5-16-4/m-p/199109#M152239 Using configuration in activiti-webapp-rest2, authenticatedUserId is only passed to Activiti on first REST call only. Due to spring security settings which saves authentication in session, BasicAuthenticationProvider.authenticate() gets called only once per session, resulting in not passing authenti Sun, 26 Oct 2014 00:33:01 GMT https://connect.hyland.com/t5/alfresco-archive/authenticateduserid-no-set-in-rest-5-16-4/m-p/199109#M152239 balsarori 2014-10-26T00:33:01Z https://connect.hyland.com/t5/alfresco-archive/authenticateduserid-no-set-in-rest-5-16-4/m-p/199110#M152240 <HTML><HEAD></HEAD><BODY><SPAN>Wow - very good catch!</SPAN><BR /><BR /><SPAN>We eventually went with&nbsp; .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) instead of disable().</SPAN><BR /><SPAN>This also allows to keep the securityContext() enabled, which might come in handy one day.</SPAN><BR /><BR /><SPAN>It's fixed here: </SPAN><A href="https://github.com/Activiti/Activiti/commit/3bb10cf9e44f531d70d09b05fc6916acf3e4b2a2" rel="nofollow noopener noreferrer">https://github.com/Activiti/Activiti/commit/3bb10cf9e44f531d70d09b05fc6916acf3e4b2a2</A><BR /><BR /><SPAN>It's a bug commit, cause we wanted to make sure we catch this error in test, so we refactored from using a new HttpClient instance for each call to using a shared one for all tests (which indeed highlighted your issue and didn't show it before).</SPAN><BR /><BR /><SPAN>This post is exactly one of the reasons why I keep visiting the forum every day. Really nice catch. Thanks!</SPAN></BODY></HTML> Mon, 27 Oct 2014 18:25:28 GMT https://connect.hyland.com/t5/alfresco-archive/authenticateduserid-no-set-in-rest-5-16-4/m-p/199110#M152240 jbarrez 2014-10-27T18:25:28Z