Details

    • Type: Improvement
    • Status: In Progress
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 2.7.11
    • Fix Version/s: None
    • Component/s: JAX-RS
    • Labels:
      None
    • Estimated Complexity:
      Unknown

      Description

      Currently two different SecurityContext interfaces are available in CXF:
      a) standard java: javax.ws.rs.core.SecurityContext
      b) internal CXF: org.apache.cxf.security.SecurityContext

      Context injection using @Context annotation works only for standard one. If user purposely or deliberately tries to inject internal CXF SecurityContext, access to it caused not very informative NLP:

      Caused by: java.lang.NullPointerException
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:606)
      	at org.apache.cxf.jaxrs.impl.tl.ThreadLocalInvocationHandler.invoke(ThreadLocalInvocationHandler.java:36)
      	at com.sun.proxy.$Proxy5.getUserPrincipal(Unknown Source)
      	at demo.rs.security.SimpleCustomerService.getCustomer(SimpleCustomerService.java:26)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:606)
      	at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:181)
      	at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:97)
      	... 26 more
      

      I would propose either to support injections of both contexts or provide more clear error message.

        Attachments

          Activity

            People

            • Assignee:
              sergey_beryozkin Sergey Beryozkin
              Reporter:
              ashakirin Andrei Shakirin
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: