Spring Security Principal transformation












0















Is there a way to transform a Spring Security Principal before it is injected in a RestController method?



Let's say I have defined the following class:



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithPrincipalA(@AuthenticationPrincipal PrincipalTypeA a) {

        ...

    }



    @GetMapping("/test")

    public void getWithPrincipalB(@AuthenticationPrincipal PrincipalTypeB b) {

        ...

    }

}


I know that these controller methods are ambiguous and I could do several things to solve that, but what I would rather do is transform the @AuthenticationPrincipal to some type I can define myself. The result would become something like:



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithTransformedPrincipal(@AuthenticationPrincipal MyTransformedPrincipal principal) {

        ...

    }

}


Now I basically could define a single controller for several different authentication principals, without having to change the API.



Any help would be appreciated :)






java spring rest spring-security







share|improve this question

























  • Why? Why not just create a single method and dispatch yourself?

    – M. Deinum
    Nov 20 '18 at 11:23











  • What kind of transformation are you talking about with what goal?

    – Bart
    Nov 20 '18 at 11:23











  • The @AuthenticationPrincipal is injected by Spring Security, but when you have different authentication mechanisms (cookie, token, etc) the Principal could be different. My rest API will be the same, though. If I could catch the different Principals and convert them to a generic one that my RestController could handle, I wouldn't have to duplicate my controller methods.

    – Dormouse
    Nov 20 '18 at 11:26











  • In my previous comment I misunderstood your comment. I would do what M. Deinum suggests. Transform the principal within the controller method and dispatch that generic principal to others.

    – Bart
    Nov 20 '18 at 11:27








  • 1





    You could ultimately use a argument resolver to get the authication principal from the security context and transform it from there.

    – Bart
    Nov 20 '18 at 11:39
















0















Is there a way to transform a Spring Security Principal before it is injected in a RestController method?



Let's say I have defined the following class:



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithPrincipalA(@AuthenticationPrincipal PrincipalTypeA a) {

        ...

    }



    @GetMapping("/test")

    public void getWithPrincipalB(@AuthenticationPrincipal PrincipalTypeB b) {

        ...

    }

}


I know that these controller methods are ambiguous and I could do several things to solve that, but what I would rather do is transform the @AuthenticationPrincipal to some type I can define myself. The result would become something like:



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithTransformedPrincipal(@AuthenticationPrincipal MyTransformedPrincipal principal) {

        ...

    }

}


Now I basically could define a single controller for several different authentication principals, without having to change the API.



Any help would be appreciated :)






java spring rest spring-security







share|improve this question

























  • Why? Why not just create a single method and dispatch yourself?

    – M. Deinum
    Nov 20 '18 at 11:23











  • What kind of transformation are you talking about with what goal?

    – Bart
    Nov 20 '18 at 11:23











  • The @AuthenticationPrincipal is injected by Spring Security, but when you have different authentication mechanisms (cookie, token, etc) the Principal could be different. My rest API will be the same, though. If I could catch the different Principals and convert them to a generic one that my RestController could handle, I wouldn't have to duplicate my controller methods.

    – Dormouse
    Nov 20 '18 at 11:26











  • In my previous comment I misunderstood your comment. I would do what M. Deinum suggests. Transform the principal within the controller method and dispatch that generic principal to others.

    – Bart
    Nov 20 '18 at 11:27








  • 1





    You could ultimately use a argument resolver to get the authication principal from the security context and transform it from there.

    – Bart
    Nov 20 '18 at 11:39














0












0








0








Is there a way to transform a Spring Security Principal before it is injected in a RestController method?



Let's say I have defined the following class:



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithPrincipalA(@AuthenticationPrincipal PrincipalTypeA a) {

        ...

    }



    @GetMapping("/test")

    public void getWithPrincipalB(@AuthenticationPrincipal PrincipalTypeB b) {

        ...

    }

}


I know that these controller methods are ambiguous and I could do several things to solve that, but what I would rather do is transform the @AuthenticationPrincipal to some type I can define myself. The result would become something like:



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithTransformedPrincipal(@AuthenticationPrincipal MyTransformedPrincipal principal) {

        ...

    }

}


Now I basically could define a single controller for several different authentication principals, without having to change the API.



Any help would be appreciated :)






java spring rest spring-security







share|improve this question
















Is there a way to transform a Spring Security Principal before it is injected in a RestController method?



Let's say I have defined the following class:



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithPrincipalA(@AuthenticationPrincipal PrincipalTypeA a) {

        ...

    }



    @GetMapping("/test")

    public void getWithPrincipalB(@AuthenticationPrincipal PrincipalTypeB b) {

        ...

    }

}


I know that these controller methods are ambiguous and I could do several things to solve that, but what I would rather do is transform the @AuthenticationPrincipal to some type I can define myself. The result would become something like:



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithTransformedPrincipal(@AuthenticationPrincipal MyTransformedPrincipal principal) {

        ...

    }

}


Now I basically could define a single controller for several different authentication principals, without having to change the API.



Any help would be appreciated :)






java spring rest spring-security




java spring rest spring-security






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 20 '18 at 15:12







Dormouse

















asked Nov 20 '18 at 11:15









DormouseDormouse

96811424




96811424













  • Why? Why not just create a single method and dispatch yourself?

    – M. Deinum
    Nov 20 '18 at 11:23











  • What kind of transformation are you talking about with what goal?

    – Bart
    Nov 20 '18 at 11:23











  • The @AuthenticationPrincipal is injected by Spring Security, but when you have different authentication mechanisms (cookie, token, etc) the Principal could be different. My rest API will be the same, though. If I could catch the different Principals and convert them to a generic one that my RestController could handle, I wouldn't have to duplicate my controller methods.

    – Dormouse
    Nov 20 '18 at 11:26











  • In my previous comment I misunderstood your comment. I would do what M. Deinum suggests. Transform the principal within the controller method and dispatch that generic principal to others.

    – Bart
    Nov 20 '18 at 11:27








  • 1





    You could ultimately use a argument resolver to get the authication principal from the security context and transform it from there.

    – Bart
    Nov 20 '18 at 11:39



















  • Why? Why not just create a single method and dispatch yourself?

    – M. Deinum
    Nov 20 '18 at 11:23











  • What kind of transformation are you talking about with what goal?

    – Bart
    Nov 20 '18 at 11:23











  • The @AuthenticationPrincipal is injected by Spring Security, but when you have different authentication mechanisms (cookie, token, etc) the Principal could be different. My rest API will be the same, though. If I could catch the different Principals and convert them to a generic one that my RestController could handle, I wouldn't have to duplicate my controller methods.

    – Dormouse
    Nov 20 '18 at 11:26











  • In my previous comment I misunderstood your comment. I would do what M. Deinum suggests. Transform the principal within the controller method and dispatch that generic principal to others.

    – Bart
    Nov 20 '18 at 11:27








  • 1





    You could ultimately use a argument resolver to get the authication principal from the security context and transform it from there.

    – Bart
    Nov 20 '18 at 11:39

















Why? Why not just create a single method and dispatch yourself?

– M. Deinum
Nov 20 '18 at 11:23





Why? Why not just create a single method and dispatch yourself?

– M. Deinum
Nov 20 '18 at 11:23













What kind of transformation are you talking about with what goal?

– Bart
Nov 20 '18 at 11:23





What kind of transformation are you talking about with what goal?

– Bart
Nov 20 '18 at 11:23













The @AuthenticationPrincipal is injected by Spring Security, but when you have different authentication mechanisms (cookie, token, etc) the Principal could be different. My rest API will be the same, though. If I could catch the different Principals and convert them to a generic one that my RestController could handle, I wouldn't have to duplicate my controller methods.

– Dormouse
Nov 20 '18 at 11:26





The @AuthenticationPrincipal is injected by Spring Security, but when you have different authentication mechanisms (cookie, token, etc) the Principal could be different. My rest API will be the same, though. If I could catch the different Principals and convert them to a generic one that my RestController could handle, I wouldn't have to duplicate my controller methods.

– Dormouse
Nov 20 '18 at 11:26













In my previous comment I misunderstood your comment. I would do what M. Deinum suggests. Transform the principal within the controller method and dispatch that generic principal to others.

– Bart
Nov 20 '18 at 11:27







In my previous comment I misunderstood your comment. I would do what M. Deinum suggests. Transform the principal within the controller method and dispatch that generic principal to others.

– Bart
Nov 20 '18 at 11:27






1




1





You could ultimately use a argument resolver to get the authication principal from the security context and transform it from there.

– Bart
Nov 20 '18 at 11:39





You could ultimately use a argument resolver to get the authication principal from the security context and transform it from there.

– Bart
Nov 20 '18 at 11:39












1 Answer
1






active

oldest

votes


















2














Too keep things simple and transparant you could simply transform the principal in your controller method and dispatch the generic principal from there. 



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithTransformedPrincipal(@AuthenticationPrincipal Principal principal) {

        GenericPrincipal generic = PrincipalTransformer.transform(principal);

        doSomethingWithPrincipal(generic);

    }

}





share|improve this answer
























  • Any chance of adding the argument resolver solution as an alternative?

    – Dormouse
    Nov 20 '18 at 15:20











  • I would rather not. Not because I'm unwilling. More because I think that it would distract from the more obvious and simple solution.

    – Bart
    Nov 21 '18 at 8:09











  • Right. Although that was the original question :)

    – Dormouse
    Nov 21 '18 at 8:51











Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53391811%2fspring-security-principal-transformation%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









2














Too keep things simple and transparant you could simply transform the principal in your controller method and dispatch the generic principal from there. 



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithTransformedPrincipal(@AuthenticationPrincipal Principal principal) {

        GenericPrincipal generic = PrincipalTransformer.transform(principal);

        doSomethingWithPrincipal(generic);

    }

}





share|improve this answer
























  • Any chance of adding the argument resolver solution as an alternative?

    – Dormouse
    Nov 20 '18 at 15:20











  • I would rather not. Not because I'm unwilling. More because I think that it would distract from the more obvious and simple solution.

    – Bart
    Nov 21 '18 at 8:09











  • Right. Although that was the original question :)

    – Dormouse
    Nov 21 '18 at 8:51
















2














Too keep things simple and transparant you could simply transform the principal in your controller method and dispatch the generic principal from there. 



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithTransformedPrincipal(@AuthenticationPrincipal Principal principal) {

        GenericPrincipal generic = PrincipalTransformer.transform(principal);

        doSomethingWithPrincipal(generic);

    }

}





share|improve this answer
























  • Any chance of adding the argument resolver solution as an alternative?

    – Dormouse
    Nov 20 '18 at 15:20











  • I would rather not. Not because I'm unwilling. More because I think that it would distract from the more obvious and simple solution.

    – Bart
    Nov 21 '18 at 8:09











  • Right. Although that was the original question :)

    – Dormouse
    Nov 21 '18 at 8:51














2












2








2







Too keep things simple and transparant you could simply transform the principal in your controller method and dispatch the generic principal from there. 



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithTransformedPrincipal(@AuthenticationPrincipal Principal principal) {

        GenericPrincipal generic = PrincipalTransformer.transform(principal);

        doSomethingWithPrincipal(generic);

    }

}





share|improve this answer













Too keep things simple and transparant you could simply transform the principal in your controller method and dispatch the generic principal from there. 



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithTransformedPrincipal(@AuthenticationPrincipal Principal principal) {

        GenericPrincipal generic = PrincipalTransformer.transform(principal);

        doSomethingWithPrincipal(generic);

    }

}






share|improve this answer












share|improve this answer



share|improve this answer










answered Nov 20 '18 at 11:35









BartBart

14.3k34372




14.3k34372













  • Any chance of adding the argument resolver solution as an alternative?

    – Dormouse
    Nov 20 '18 at 15:20











  • I would rather not. Not because I'm unwilling. More because I think that it would distract from the more obvious and simple solution.

    – Bart
    Nov 21 '18 at 8:09











  • Right. Although that was the original question :)

    – Dormouse
    Nov 21 '18 at 8:51



















  • Any chance of adding the argument resolver solution as an alternative?

    – Dormouse
    Nov 20 '18 at 15:20











  • I would rather not. Not because I'm unwilling. More because I think that it would distract from the more obvious and simple solution.

    – Bart
    Nov 21 '18 at 8:09











  • Right. Although that was the original question :)

    – Dormouse
    Nov 21 '18 at 8:51

















Any chance of adding the argument resolver solution as an alternative?

– Dormouse
Nov 20 '18 at 15:20





Any chance of adding the argument resolver solution as an alternative?

– Dormouse
Nov 20 '18 at 15:20













I would rather not. Not because I'm unwilling. More because I think that it would distract from the more obvious and simple solution.

– Bart
Nov 21 '18 at 8:09





I would rather not. Not because I'm unwilling. More because I think that it would distract from the more obvious and simple solution.

– Bart
Nov 21 '18 at 8:09













Right. Although that was the original question :)

– Dormouse
Nov 21 '18 at 8:51





Right. Although that was the original question :)

– Dormouse
Nov 21 '18 at 8:51




















draft saved

draft discarded




















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53391811%2fspring-security-principal-transformation%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Biblatex bibliography style without URLs when DOI exists (in Overleaf with Zotero bibliography)

Image
2 2 I have a Zotero bibliography in Overleaf. I use biblatex . usepackage[backend=biber,citestyle=authoryear]{biblatex} addbibresource{zoteroALH.bib} Bibliography entries look like: @book{de_saint-gervais_uniformization_2016, title = {Uniformization of {Riemann} {Surfaces}}, isbn = {978-3-03719-145-3}, url = {https://www.ems-ph.org/books/book.php?proj_nr=198&srch=series%7Chem}, urldate = {2019-02-03}, author = {de Saint-Gervais, Paul Henri}, year = {2016}, doi = {10.4171/145} } In the bibliography down the paper the reference shows like this: There is the DOI, great, but also the URL which is unnecessary when the DOI is there. How can I remove the URL when the DOI is present? biblatex bibliographies overleaf zote
Read more

ComboBox Display Member on multiple fields

Image
2 I'm trying to set the .DisplayMember property of a ComboBox in C#, but I want to bind it to multiple columns in the .DataSouce . My SQL looks like this: SELECT PersNbr, PersFirstName, PersMiddleName, PersLastName FROM Pers WHERE PersNbr = :persNbr; I'm saving this query in a DataTable so each column selected has it's own column in the Datatable . I want to make the .DisplayMember a combination of PersFirstName + PersMiddleName + PersLastName so their full name appears like this: comboBox.DisplayMemeber = "PersFirstName" + "PersMiddleName" + "PersLastName" I know I can just to this on the query: SELECT PersNbr, (PersFirstName || PersMiddleName || PersLastName) PersName and then just do this: comboBox.DisplayMember = "PersName"; but I
Read more

Is it possible to collect Nectar points via Trainline?

Image
2 Since I am not eligible for any Railcard, the only available discount/bonus scheme is Nectar Card for me. GWR, SWR, LNER and Virgin Trains allow to collect Nectar points and I have already linked a card to my GWR account. A friend suggested me to use Trainline App, because it can search for bus tickets either. I had a look at the application, but could not see any option for Nectar. Is there a way to collect Nectar points when I buy tickets via Trainline? uk trains loyalty-programs trainline share | improve this question asked Dec 2 '18 at 15:50 ahmedus 3,224 5 19 49
Read more