Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Error executing @Query if SecurityEvaluationContextExtension is defined and no user is logged in although principal is not used in query. [DATAJPA-1357]
See original GitHub issueStefano Bertini opened DATAJPA-1357 and commented
I have an update method in a repository and the method is annotated with @Query. A SecurityEvaluationContextExtension bean is defined in the context. I need to execute the @Query method in a task that runs in a @Scheduled method. As no Authentication is defined when the scheduled method is executed, I get this exception:
org.springframework.dao.InvalidDataAccessApiUsageException: Authentication object cannot be null; nested exception is java.lang.IllegalArgumentException: Authentication object cannot be null at
org.springframework.orm.jpa.EntityManagerFactoryUtils.convertJpaAccessExceptionIfPossible(EntityManagerFactoryUtils.java:384) at
org.springframework.orm.jpa.vendor.HibernateJpaDialect.translateExceptionIfPossible(HibernateJpaDialect.java:246) at
org.springframework.orm.jpa.AbstractEntityManagerFactoryBean.translateExceptionIfPossible(AbstractEntityManagerFactoryBean.java:525) at
org.springframework.dao.support.ChainedPersistenceExceptionTranslator.translateExceptionIfPossible(ChainedPersistenceExceptionTranslator.java:59) at
org.springframework.dao.support.DataAccessUtils.translateIfNecessary(DataAccessUtils.java:209) at
org.springframework.dao.support.PersistenceExceptionTranslationInterceptor.invoke(PersistenceExceptionTranslationInterceptor.java:147) at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at
org.springframework.data.jpa.repository.support.CrudMethodMetadataPostProcessor$CrudMethodMetadataPopulatingMethodInterceptor.invoke(CrudMethodMetadataPostProcessor.java:133) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at
org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92) at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at
org.springframework.data.repository.core.support.SurroundingTransactionDetectorMethodInterceptor.invoke(SurroundingTransactionDetectorMethodInterceptor.java:57) at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) at
com.sun.proxy.$Proxy162.myqueryannotatedmethod(Unknown Source)
As a workaround, in the @Scheduled method I put a fake Authentication into the SecurityContext, but I would like to know if there is a better solution.
SecurityContext context = SecurityContextHolder.getContext();
Authentication authentication = new SomeKindOfAuthentication();
context.setAuthentication(authentication);
Affects: 1.6.6 (Dijkstra SR6)
2 votes, 6 watchers
Issue Analytics
- State:
- Created 5 years ago
- Reactions:1
- Comments:10
Top Results From Across the Web
Spring Security 4 issue using Query Method - Stack Overflow
Pls try this custom class :- class SecurityEvaluationContextExtension extends EvaluationContextExtensionSupport { @Override public String getExtensionId() ...
Read more >Spring Security: Securing Spring Data methods - JDriven Blog
Spring Data repositories allow you to easily query your entities with method names such as findByUserName(String name). However, it can get ...
Read more >Spring Data with Spring Security | Baeldung
Defining the SecurityEvaluationContextExtension makes all the common expressions in Spring Security available from within Spring Data queries.
Read more >Vaadin 10 (Only JAVA) Spring Security Custom Login Page
Hi Guys , Is there any example how to implement with V10 custom login form for Spring Security. ( with just java not...
Read more >org.springframework.security.data.repository.query ... - Tabnine
public void setup() { securityExtension = new SecurityEvaluationContextExtension();
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
I have the same issue. When I call the query method from a scheduled task.
Experiencing this with a
JpaRepositoryinterface annotated with@RepositoryRestResourcethat contains a single custom@Querynative query. When trying to use any kind of expression in the query, this issue reproduces itself:…results in:
Converting
sourceto a simple String and changing the comparator toAND d.type_source = :sourceallows it to pass, so it appears using SpEL in your query in any fashion causes this. However, I have a hard time believing it’s just that since I’d expect this to be a much more active issue if that were the case.