It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

SessionSafePricipal Error

Hy,

I m writing my own Authenticator but I get stuck with the following Error: com.atlassian.confluence.user.SessionSafePrincipal cannot be cast to com.atlassian.user.User

This is my Code so far (any Idea what I am doing wrong?):

public class SSOAuthenticator extends ConfluenceAuthenticator 
{

    private static final Logger log = Logger.getLogger(SSOAuthenticator.class);

    public Principal getUser(HttpServletRequest request, HttpServletResponse response)
    {
        Principal user = null;

        try
        {
            if(request.getSession() != null && request.getSession().getAttribute(ConfluenceAuthenticator.LOGGED_IN_KEY) != null)
            {
                log.info("Session found; user already logged in");
                user = (Principal) request.getSession().getAttribute(ConfluenceAuthenticator.LOGGED_IN_KEY);
            }
            else
            {
            	String username = request.getParameter("logonName");
            	String sessionID = request.getParameter("session_id");
                if (username != null && sessionID != null)
                {
                    log.info("Trying Single Sign-on...");
                    System.out.println("Got username = " + username);
                    
                    user = getUser(username);
                    if(user != null)
                    {
                    	String charset = "UTF-8";

                    	String url ="..."+                   			
                    			"sessionId="+sessionID+"&"+
                    			"userId="+username;
                    	
                    	URLConnection connection = new URL(url).openConnection();
                    	connection.setRequestProperty("Accept-Charset", charset);

                    	int status = ((HttpURLConnection) connection).getResponseCode();
                    	
                    	log.info("Response Code: "+status);
                    	
                    	if(status==200)
                    	{
		                    log.info("Logged in via SSO, with User "+user);
		                    request.getSession().setAttribute(ConfluenceAuthenticator.LOGGED_IN_KEY, user);
		                    request.getSession().setAttribute(ConfluenceAuthenticator.LOGGED_OUT_KEY, null);
                    	}else
                    	{
                    		log.info("invalid login");
                        	return null;
                    	}
                    }else
                    {
                    	log.info("user does not exist");
                    	return null;
                    }
                }
                else
                {
                    log.info("logonName or session_id Parameter missing");
                    //user was not found, or not currently valid
                    return null;
                }
            }
        }
        catch (Exception e) // catch class cast exceptions
        {
            log.warn("Exception: " + e, e);
        }
        return user;
    }

}

2 answers

1 accepted

0 votes
Answer accepted

I found a solution for this.

It seems that if the user is allready logged in and you get it by using:

user = (Principal) request.getSession().getAttribute(ConfluenceAuthenticator.LOGGED_IN_KEY);

you can not simply return this user for your getUser(...) return value.
I had to get the user from ConfluenceAuthenticator SuperClass:

log.info("Session found; user already logged in");
                user = (Principal) request.getSession().getAttribute(ConfluenceAuthenticator.LOGGED_IN_KEY);
                username = user.getName();
                log.info("USER : "+ username);
                user = getUser(username);

Pascal, I had exactly the same problem, and you found the solution !

Thank you

Suggest an answer

Log in or Sign up to answer
This widget could not be displayed.
This widget could not be displayed.
Community showcase
Published yesterday in Off-topic

Teams behind the teams - Your nominations please!

Teams do amazing things together. We’ve talked about the myth of the lone genius and how everything is actually the result of teamwork. You might be thinking, What about a novelist writing, say, Th...

91 views 0 8
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you