Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Cannot use parameter @Auth in parent resource

See original GitHub issue

We have a root/parent resource “Users”, and a sub-resource “Vehicles”. For example: /users/<id>/vehicles will return the vehicles of the given user.

But before letting sub-resource “Vehicles” handle the request, we want to check if the currently authenticated user has access to data of the given user. The reason is that there will be more than one endpoint in “Vehicles”, and we would like to have one centralised access check in the parent resource “Users”, instead of having to check in every endpoint of sub-resource “Vehicles”.

But when using the @Auth parameter in the parent resource, like so (@Auth User authedUser):

@Path("{userId}/vehicles")
@RolesAllowed(Role.USER)
public Class<VehiclesResource> getVehicles(@Auth User authedUser, @PathParam("userId") Long userId) {
    return VehiclesResource.class;
}

the following exception is thrown: java.lang.IllegalStateException: Cannot inject a custom principal into unauthenticated request

Is there a way to check the authenticated user in the parent resource?

Issue Analytics

State:
Created 7 years ago
Reactions:2
Comments:10 (2 by maintainers)

Top GitHub Comments

8reactions

Gaudoncommented, May 1, 2017

Any update on this? I seem to be running into the same issue.

0reactions

splatchcommented, Apr 8, 2020

This issue is still valid for 2.0.6. I made my own filter and been struggling with it for half a day thinking that it is something wrong with my code. It turns out that my code is fine.

So to everyone who is still struggling with this one - as a workaround I marked my filter with @PreMatching annotation. It doesn’t look right to me, but works. This bug (or feature) comes from Jersey code which sort filters in such a way that they are called after the sub-resource method chain is being called. There are at least two issues standing in Jersey project for quite long time eclipse-ee4j/jersey#3297 and eclipse-ee4j/jersey#3021.

Anyhow, hope it helps someone in future to solve the problem.

Top Results From Across the Web

Resource — AWS Cloud Development Kit 1.181.0 ...

Parameters. scope ( Construct ) –. id ( str ) –. parent ( IResource ) – The parent resource of this resource. You...

Authentication service messages - IBM

Authentication service cannot perform RSA authentication because the username parameter is missing. If you specify the username parameter using literal value, ...

Value cannot be null. Parameter name: source - Stack Overflow

Somewhere inside the DbContext is a value that is IEnumerable and is queried with Any() (or Where() or Select() or any other LINQ-method),...

Troubleshoot Azure Automation runbook issues

This article tells how to troubleshoot and resolve issues with Azure Automation runbooks.

3 Configuring Authentication - Database - Oracle Help Center

Oracle Database provides data dictionary views that list information about user authentication, such as roles that users have or profiles they use. Parent...