java.lang.IllegalArgumentException: Authentication.getDetails() required

Spring JIRA | Nomadeous | 9 years ago
  1. 0

    Hi, The openid sample worked fine for me. I tried to use the Concurrent Session Control but it doesn't work. The following post has the same bug : http://forum.springframework.org/showthread.php?p=177626 Solution proposed is to update the OpenIDAuthenticationProcessingFilter and to populate details before call to the authenticationManager, this way : token.setDetails(authenticationDetailsSource.buildDetails(req)); Not sure what uNcode suggests is the good way to fix it. Could be related to http://jira.springframework.org/browse/SEC-618 Here is my SS configuration (really basic, based on the sample openid): -------------------------------------- <http> <intercept-url pattern="/**" access="ROLE_USER" /> <logout /> <openid-login login-page="/openidlogin.jsp" /> <concurrent-session-control max-sessions="1" exception-if-maximum-exceeded="true"/> </http> <authentication-manager alias="authenticationManager" /> <user-service id="userService"> <user name="http://MYACCOUNT.myopenid.com/" password="notused" authorities="ROLE_SUPERVISOR,ROLE_USER" /> </user-service> Here is my stack trace : -------------------------------- java.lang.IllegalArgumentException: Authentication.getDetails() required at org.springframework.util.Assert.notNull(Assert.java:112) at org.springframework.security.concurrent.SessionRegistryUtils.obtainSessionIdFromAuthentication(SessionRegistryUtils.java:52) at org.springframework.security.concurrent.ConcurrentSessionControllerImpl.checkAuthenticationAllowed(ConcurrentSessionControllerImpl.java:92) at org.springframework.security.providers.ProviderManager.doAuthentication(ProviderManager.java:199) at org.springframework.security.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:46) at org.springframework.security.ui.openid.OpenIDAuthenticationProcessingFilter.attemptAuthentication(OpenIDAuthenticationProcessingFilter.java:82) at org.springframework.security.ui.AbstractProcessingFilter.doFilterHttp(AbstractProcessingFilter.java:249) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.ui.logout.LogoutFilter.doFilterHttp(LogoutFilter.java:87) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.ui.SessionFixationProtectionFilter.doFilterHttp(SessionFixationProtectionFilter.java:68) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:229) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.concurrent.ConcurrentSessionFilter.doFilterHttp(ConcurrentSessionFilter.java:97) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.securechannel.ChannelProcessingFilter.doFilterHttp(ChannelProcessingFilter.java:116) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:174) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:183) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:138)

    Spring JIRA | 9 years ago | Nomadeous
    java.lang.IllegalArgumentException: Authentication.getDetails() required
  2. 0

    Hi, The openid sample worked fine for me. I tried to use the Concurrent Session Control but it doesn't work. The following post has the same bug : http://forum.springframework.org/showthread.php?p=177626 Solution proposed is to update the OpenIDAuthenticationProcessingFilter and to populate details before call to the authenticationManager, this way : token.setDetails(authenticationDetailsSource.buildDetails(req)); Not sure what uNcode suggests is the good way to fix it. Could be related to http://jira.springframework.org/browse/SEC-618 Here is my SS configuration (really basic, based on the sample openid): -------------------------------------- <http> <intercept-url pattern="/**" access="ROLE_USER" /> <logout /> <openid-login login-page="/openidlogin.jsp" /> <concurrent-session-control max-sessions="1" exception-if-maximum-exceeded="true"/> </http> <authentication-manager alias="authenticationManager" /> <user-service id="userService"> <user name="http://MYACCOUNT.myopenid.com/" password="notused" authorities="ROLE_SUPERVISOR,ROLE_USER" /> </user-service> Here is my stack trace : -------------------------------- java.lang.IllegalArgumentException: Authentication.getDetails() required at org.springframework.util.Assert.notNull(Assert.java:112) at org.springframework.security.concurrent.SessionRegistryUtils.obtainSessionIdFromAuthentication(SessionRegistryUtils.java:52) at org.springframework.security.concurrent.ConcurrentSessionControllerImpl.checkAuthenticationAllowed(ConcurrentSessionControllerImpl.java:92) at org.springframework.security.providers.ProviderManager.doAuthentication(ProviderManager.java:199) at org.springframework.security.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:46) at org.springframework.security.ui.openid.OpenIDAuthenticationProcessingFilter.attemptAuthentication(OpenIDAuthenticationProcessingFilter.java:82) at org.springframework.security.ui.AbstractProcessingFilter.doFilterHttp(AbstractProcessingFilter.java:249) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.ui.logout.LogoutFilter.doFilterHttp(LogoutFilter.java:87) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.ui.SessionFixationProtectionFilter.doFilterHttp(SessionFixationProtectionFilter.java:68) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:229) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.concurrent.ConcurrentSessionFilter.doFilterHttp(ConcurrentSessionFilter.java:97) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.securechannel.ChannelProcessingFilter.doFilterHttp(ChannelProcessingFilter.java:116) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:174) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:183) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:138)

    Spring JIRA | 9 years ago | Nomadeous
    java.lang.IllegalArgumentException: Authentication.getDetails() required
  3. 0

    Spring file upload by ajax

    Stack Overflow | 3 years ago | kris14an
    java.lang.IllegalArgumentException: Expected MultipartHttpServletRequest: is a MultipartResolver configured?
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    Spring websocket encounter "Ignoring message, no principal info available" error

    Stack Overflow | 2 years ago | zizibj
    java.lang.IllegalArgumentException: No 'javax.websocket.server.ServerContainer' ServletContext attribute. Are you running in a Servlet container that supports JSR-356?
  6. 0

    Bean object must not be null in Spring MVC

    Stack Overflow | 3 years ago | Sivanagaiah
    java.lang.IllegalArgumentException: Bean object must not be null
Not finding the right solution?
Take a tour to get the most out of Samebug.

Tired of useless tips?

Automated exception search integrated into your IDE

Root Cause Analysis

  1. java.lang.IllegalArgumentException

    Authentication.getDetails() required

    at org.springframework.util.Assert.notNull()
  2. Spring Core
    Assert.notNull
    1. org.springframework.util.Assert.notNull(Assert.java:112)
    1 frame
  3. org.springframework.security
    SpringSecurityFilter.doFilter
    1. org.springframework.security.concurrent.SessionRegistryUtils.obtainSessionIdFromAuthentication(SessionRegistryUtils.java:52)
    2. org.springframework.security.concurrent.ConcurrentSessionControllerImpl.checkAuthenticationAllowed(ConcurrentSessionControllerImpl.java:92)
    3. org.springframework.security.providers.ProviderManager.doAuthentication(ProviderManager.java:199)
    4. org.springframework.security.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:46)
    5. org.springframework.security.ui.openid.OpenIDAuthenticationProcessingFilter.attemptAuthentication(OpenIDAuthenticationProcessingFilter.java:82)
    6. org.springframework.security.ui.AbstractProcessingFilter.doFilterHttp(AbstractProcessingFilter.java:249)
    7. org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    7 frames
  4. spring-security-core
    FilterChainProxy$VirtualFilterChain.doFilter
    1. org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371)
    1 frame
  5. org.springframework.security
    SpringSecurityFilter.doFilter
    1. org.springframework.security.ui.logout.LogoutFilter.doFilterHttp(LogoutFilter.java:87)
    2. org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    2 frames
  6. spring-security-core
    FilterChainProxy$VirtualFilterChain.doFilter
    1. org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371)
    1 frame
  7. org.springframework.security
    SpringSecurityFilter.doFilter
    1. org.springframework.security.ui.SessionFixationProtectionFilter.doFilterHttp(SessionFixationProtectionFilter.java:68)
    2. org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    2 frames
  8. spring-security-core
    FilterChainProxy$VirtualFilterChain.doFilter
    1. org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371)
    1 frame
  9. Spring Security - Portlet support
    HttpSessionContextIntegrationFilter.doFilterHttp
    1. org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:229)
    1 frame
  10. org.springframework.security
    SpringSecurityFilter.doFilter
    1. org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    1 frame
  11. spring-security-core
    FilterChainProxy$VirtualFilterChain.doFilter
    1. org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371)
    1 frame
  12. org.springframework.security
    SpringSecurityFilter.doFilter
    1. org.springframework.security.concurrent.ConcurrentSessionFilter.doFilterHttp(ConcurrentSessionFilter.java:97)
    2. org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    2 frames
  13. spring-security-core
    FilterChainProxy$VirtualFilterChain.doFilter
    1. org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371)
    1 frame
  14. org.springframework.security
    SpringSecurityFilter.doFilter
    1. org.springframework.security.securechannel.ChannelProcessingFilter.doFilterHttp(ChannelProcessingFilter.java:116)
    2. org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    2 frames
  15. spring-security-core
    FilterChainProxy.doFilter
    1. org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371)
    2. org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:174)
    2 frames
  16. Spring
    DelegatingFilterProxy.doFilter
    1. org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:183)
    2. org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:138)
    2 frames