SessionSafePricipal Error

Hy,

I m writing my own Authenticator but I get stuck with the following Error: com.atlassian.confluence.user.SessionSafePrincipal cannot be cast to com.atlassian.user.User

This is my Code so far (any Idea what I am doing wrong?):

public class SSOAuthenticator extends ConfluenceAuthenticator 
{

    private static final Logger log = Logger.getLogger(SSOAuthenticator.class);

    public Principal getUser(HttpServletRequest request, HttpServletResponse response)
    {
        Principal user = null;

        try
        {
            if(request.getSession() != null && request.getSession().getAttribute(ConfluenceAuthenticator.LOGGED_IN_KEY) != null)
            {
                log.info("Session found; user already logged in");
                user = (Principal) request.getSession().getAttribute(ConfluenceAuthenticator.LOGGED_IN_KEY);
            }
            else
            {
            	String username = request.getParameter("logonName");
            	String sessionID = request.getParameter("session_id");
                if (username != null && sessionID != null)
                {
                    log.info("Trying Single Sign-on...");
                    System.out.println("Got username = " + username);
                    
                    user = getUser(username);
                    if(user != null)
                    {
                    	String charset = "UTF-8";

                    	String url ="..."+                   			
                    			"sessionId="+sessionID+"&"+
                    			"userId="+username;
                    	
                    	URLConnection connection = new URL(url).openConnection();
                    	connection.setRequestProperty("Accept-Charset", charset);

                    	int status = ((HttpURLConnection) connection).getResponseCode();
                    	
                    	log.info("Response Code: "+status);
                    	
                    	if(status==200)
                    	{
		                    log.info("Logged in via SSO, with User "+user);
		                    request.getSession().setAttribute(ConfluenceAuthenticator.LOGGED_IN_KEY, user);
		                    request.getSession().setAttribute(ConfluenceAuthenticator.LOGGED_OUT_KEY, null);
                    	}else
                    	{
                    		log.info("invalid login");
                        	return null;
                    	}
                    }else
                    {
                    	log.info("user does not exist");
                    	return null;
                    }
                }
                else
                {
                    log.info("logonName or session_id Parameter missing");
                    //user was not found, or not currently valid
                    return null;
                }
            }
        }
        catch (Exception e) // catch class cast exceptions
        {
            log.warn("Exception: " + e, e);
        }
        return user;
    }

}

2 answers

1 accepted

This widget could not be displayed.

I found a solution for this.

It seems that if the user is allready logged in and you get it by using:

user = (Principal) request.getSession().getAttribute(ConfluenceAuthenticator.LOGGED_IN_KEY);

you can not simply return this user for your getUser(...) return value.
I had to get the user from ConfluenceAuthenticator SuperClass:

log.info("Session found; user already logged in");
                user = (Principal) request.getSession().getAttribute(ConfluenceAuthenticator.LOGGED_IN_KEY);
                username = user.getName();
                log.info("USER : "+ username);
                user = getUser(username);

This widget could not be displayed.

Pascal, I had exactly the same problem, and you found the solution !

Thank you

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Published 9 hours ago in Marketplace Apps

The 7 hacks of highly successful automation

...there's anything I've learnt from working, it's that people are lazy! No offense to anyone reading this, but it's true and we can all admit it. The easier you make something for someone, the more...

54 views 0 8
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you