SEC-1857: Use Principal.getName() in ContextPropagatingRemoteInvocation
This is a better option than using the toString() method where the latter doesn't return the username. e.g when the principal is a UserDetails.
This commit is contained in:
parent
0de067ae63
commit
9fa6e78770
|
@ -65,7 +65,7 @@ public class ContextPropagatingRemoteInvocation extends RemoteInvocation {
|
||||||
Authentication currentUser = SecurityContextHolder.getContext().getAuthentication();
|
Authentication currentUser = SecurityContextHolder.getContext().getAuthentication();
|
||||||
|
|
||||||
if (currentUser != null) {
|
if (currentUser != null) {
|
||||||
principal = currentUser.getPrincipal().toString();
|
principal = currentUser.getName();
|
||||||
credentials = currentUser.getCredentials().toString();
|
credentials = currentUser.getCredentials().toString();
|
||||||
} else {
|
} else {
|
||||||
principal = credentials = null;
|
principal = credentials = null;
|
||||||
|
|
Loading…
Reference in New Issue