SessionSafePricipal Error

Hy,

I m writing my own Authenticator but I get stuck with the following Error: com.atlassian.confluence.user.SessionSafePrincipal cannot be cast to com.atlassian.user.User

This is my Code so far (any Idea what I am doing wrong?):

public class SSOAuthenticator extends ConfluenceAuthenticator 
{

    private static final Logger log = Logger.getLogger(SSOAuthenticator.class);

    public Principal getUser(HttpServletRequest request, HttpServletResponse response)
    {
        Principal user = null;

        try
        {
            if(request.getSession() != null && request.getSession().getAttribute(ConfluenceAuthenticator.LOGGED_IN_KEY) != null)
            {
                log.info("Session found; user already logged in");
                user = (Principal) request.getSession().getAttribute(ConfluenceAuthenticator.LOGGED_IN_KEY);
            }
            else
            {
            	String username = request.getParameter("logonName");
            	String sessionID = request.getParameter("session_id");
                if (username != null && sessionID != null)
                {
                    log.info("Trying Single Sign-on...");
                    System.out.println("Got username = " + username);
                    
                    user = getUser(username);
                    if(user != null)
                    {
                    	String charset = "UTF-8";

                    	String url ="..."+                   			
                    			"sessionId="+sessionID+"&"+
                    			"userId="+username;
                    	
                    	URLConnection connection = new URL(url).openConnection();
                    	connection.setRequestProperty("Accept-Charset", charset);

                    	int status = ((HttpURLConnection) connection).getResponseCode();
                    	
                    	log.info("Response Code: "+status);
                    	
                    	if(status==200)
                    	{
		                    log.info("Logged in via SSO, with User "+user);
		                    request.getSession().setAttribute(ConfluenceAuthenticator.LOGGED_IN_KEY, user);
		                    request.getSession().setAttribute(ConfluenceAuthenticator.LOGGED_OUT_KEY, null);
                    	}else
                    	{
                    		log.info("invalid login");
                        	return null;
                    	}
                    }else
                    {
                    	log.info("user does not exist");
                    	return null;
                    }
                }
                else
                {
                    log.info("logonName or session_id Parameter missing");
                    //user was not found, or not currently valid
                    return null;
                }
            }
        }
        catch (Exception e) // catch class cast exceptions
        {
            log.warn("Exception: " + e, e);
        }
        return user;
    }

}

2 answers

1 accepted

I found a solution for this.

It seems that if the user is allready logged in and you get it by using:

user = (Principal) request.getSession().getAttribute(ConfluenceAuthenticator.LOGGED_IN_KEY);

you can not simply return this user for your getUser(...) return value.
I had to get the user from ConfluenceAuthenticator SuperClass:

log.info("Session found; user already logged in");
                user = (Principal) request.getSession().getAttribute(ConfluenceAuthenticator.LOGGED_IN_KEY);
                username = user.getName();
                log.info("USER : "+ username);
                user = getUser(username);

Pascal, I had exactly the same problem, and you found the solution !

Thank you

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Published yesterday in Trello

Get inspired with Trello & earn free Gold

A blank Trello board can be both a beautiful and intimidating thing. How many lists should I have? Is creating 10 labels overkill? How can I best track my progress? Is there a way...

28 views 0 3
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you