Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ThreadLocal<String> authenticatedUserIdThreadLocal sometimes null

ahmed_mahfouz
Champ in-the-making
Champ in-the-making

‎04-03-2017 12:25 PM

I have implemented a small widget to allow the users to add comments to a task. I use AngularJS and I use activiti-reset and I pass the basic authentication hash as a http header. the problem that authenticatedUserIdThreadLocal.get() is inconsistent and it doesn't return always the authenticated and sometimes it returns null.

as you can see in the picture the user id is available and printed. but just in the middle there was no user id.

Any idea how to resolve such issue? I would really appreciate it.

Labels:
0 Kudos
4 REPLIES 4

gdharley
Elite Collaborator
Elite Collaborator

‎04-03-2017 05:46 PM

Have you tried simply using the authentication object?

SecurityContextHolder.getContext().getAuthentication().getPrincipal()

This should hold the user principal for any of your secure rest calls.

Greg

0 Kudos

ahmed_mahfouz
Champ in-the-making
Champ in-the-making
In response to gdharley

‎04-03-2017 09:52 PM

Actually I didn't do a custom implementation this is the existing implementation for AddCommentCmd in activiti-engine:

String userId = Authentication.getAuthenticatedUserId();
CommentEntity comment = new CommentEntity();
comment.setUserId(userId);
comment.setType( (type == null)? CommentEntity.TYPE_COMMENT : type );
comment.setTime(commandContext.getProcessEngineConfiguration().getClock().getCurrentTime());
comment.setTaskId(taskId);
comment.setProcessInstanceId(processInstanceId);
comment.setAction(Event.ACTION_ADD_COMMENT);

Also the issue that sometimes if other user just logged in  Authentication.getAuthenticatedUserId(); returns the other username instead of my username I am not sure how the threads are sharing the same value.

0 Kudos

ahmed_mahfouz
Champ in-the-making
Champ in-the-making

‎04-03-2017 10:49 PM

I implemented a workaround by creating a filter to set the username every time I do a rest call to activiti-reset:

@Component
public class AuthenticationFilter implements Filter {

@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
throws IOException, ServletException {
          HttpServletRequest request = (HttpServletRequest) req;
          String username=request.getUserPrincipal().getName();
          Authentication.setAuthenticatedUserId(username);
          chain.doFilter(req, res);
}

@Override
public void destroy() {
}

@Override
public void init(FilterConfig arg0) throws ServletException {
}

0 Kudos

gdharley
Elite Collaborator
Elite Collaborator
In response to ahmed_mahfouz

‎04-05-2017 01:05 PM

You really shouldnt have needed to implement a new filter.
Your own filter logic indicates the use principal is included in the request.

However, I'm glad you found a work around.

Greg

0 Kudos
Getting started

Explore our Alfresco products with the links below. Use labels to filter content by product module.

Copyright © 2024 Khoros, LLC