Spring Security Principal transformation












0















Is there a way to transform a Spring Security Principal before it is injected in a RestController method?



Let's say I have defined the following class:



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithPrincipalA(@AuthenticationPrincipal PrincipalTypeA a) {

        ...

    }



    @GetMapping("/test")

    public void getWithPrincipalB(@AuthenticationPrincipal PrincipalTypeB b) {

        ...

    }

}


I know that these controller methods are ambiguous and I could do several things to solve that, but what I would rather do is transform the @AuthenticationPrincipal to some type I can define myself. The result would become something like:



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithTransformedPrincipal(@AuthenticationPrincipal MyTransformedPrincipal principal) {

        ...

    }

}


Now I basically could define a single controller for several different authentication principals, without having to change the API.



Any help would be appreciated :)






java spring rest spring-security







share|improve this question

























  • Why? Why not just create a single method and dispatch yourself?

    – M. Deinum
    Nov 20 '18 at 11:23











  • What kind of transformation are you talking about with what goal?

    – Bart
    Nov 20 '18 at 11:23











  • The @AuthenticationPrincipal is injected by Spring Security, but when you have different authentication mechanisms (cookie, token, etc) the Principal could be different. My rest API will be the same, though. If I could catch the different Principals and convert them to a generic one that my RestController could handle, I wouldn't have to duplicate my controller methods.

    – Dormouse
    Nov 20 '18 at 11:26











  • In my previous comment I misunderstood your comment. I would do what M. Deinum suggests. Transform the principal within the controller method and dispatch that generic principal to others.

    – Bart
    Nov 20 '18 at 11:27








  • 1





    You could ultimately use a argument resolver to get the authication principal from the security context and transform it from there.

    – Bart
    Nov 20 '18 at 11:39
















0















Is there a way to transform a Spring Security Principal before it is injected in a RestController method?



Let's say I have defined the following class:



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithPrincipalA(@AuthenticationPrincipal PrincipalTypeA a) {

        ...

    }



    @GetMapping("/test")

    public void getWithPrincipalB(@AuthenticationPrincipal PrincipalTypeB b) {

        ...

    }

}


I know that these controller methods are ambiguous and I could do several things to solve that, but what I would rather do is transform the @AuthenticationPrincipal to some type I can define myself. The result would become something like:



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithTransformedPrincipal(@AuthenticationPrincipal MyTransformedPrincipal principal) {

        ...

    }

}


Now I basically could define a single controller for several different authentication principals, without having to change the API.



Any help would be appreciated :)






java spring rest spring-security







share|improve this question

























  • Why? Why not just create a single method and dispatch yourself?

    – M. Deinum
    Nov 20 '18 at 11:23











  • What kind of transformation are you talking about with what goal?

    – Bart
    Nov 20 '18 at 11:23











  • The @AuthenticationPrincipal is injected by Spring Security, but when you have different authentication mechanisms (cookie, token, etc) the Principal could be different. My rest API will be the same, though. If I could catch the different Principals and convert them to a generic one that my RestController could handle, I wouldn't have to duplicate my controller methods.

    – Dormouse
    Nov 20 '18 at 11:26











  • In my previous comment I misunderstood your comment. I would do what M. Deinum suggests. Transform the principal within the controller method and dispatch that generic principal to others.

    – Bart
    Nov 20 '18 at 11:27








  • 1





    You could ultimately use a argument resolver to get the authication principal from the security context and transform it from there.

    – Bart
    Nov 20 '18 at 11:39














0












0








0








Is there a way to transform a Spring Security Principal before it is injected in a RestController method?



Let's say I have defined the following class:



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithPrincipalA(@AuthenticationPrincipal PrincipalTypeA a) {

        ...

    }



    @GetMapping("/test")

    public void getWithPrincipalB(@AuthenticationPrincipal PrincipalTypeB b) {

        ...

    }

}


I know that these controller methods are ambiguous and I could do several things to solve that, but what I would rather do is transform the @AuthenticationPrincipal to some type I can define myself. The result would become something like:



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithTransformedPrincipal(@AuthenticationPrincipal MyTransformedPrincipal principal) {

        ...

    }

}


Now I basically could define a single controller for several different authentication principals, without having to change the API.



Any help would be appreciated :)






java spring rest spring-security







share|improve this question
















Is there a way to transform a Spring Security Principal before it is injected in a RestController method?



Let's say I have defined the following class:



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithPrincipalA(@AuthenticationPrincipal PrincipalTypeA a) {

        ...

    }



    @GetMapping("/test")

    public void getWithPrincipalB(@AuthenticationPrincipal PrincipalTypeB b) {

        ...

    }

}


I know that these controller methods are ambiguous and I could do several things to solve that, but what I would rather do is transform the @AuthenticationPrincipal to some type I can define myself. The result would become something like:



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithTransformedPrincipal(@AuthenticationPrincipal MyTransformedPrincipal principal) {

        ...

    }

}


Now I basically could define a single controller for several different authentication principals, without having to change the API.



Any help would be appreciated :)






java spring rest spring-security




java spring rest spring-security






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 20 '18 at 15:12







Dormouse

















asked Nov 20 '18 at 11:15









DormouseDormouse

96811424




96811424













  • Why? Why not just create a single method and dispatch yourself?

    – M. Deinum
    Nov 20 '18 at 11:23











  • What kind of transformation are you talking about with what goal?

    – Bart
    Nov 20 '18 at 11:23











  • The @AuthenticationPrincipal is injected by Spring Security, but when you have different authentication mechanisms (cookie, token, etc) the Principal could be different. My rest API will be the same, though. If I could catch the different Principals and convert them to a generic one that my RestController could handle, I wouldn't have to duplicate my controller methods.

    – Dormouse
    Nov 20 '18 at 11:26











  • In my previous comment I misunderstood your comment. I would do what M. Deinum suggests. Transform the principal within the controller method and dispatch that generic principal to others.

    – Bart
    Nov 20 '18 at 11:27








  • 1





    You could ultimately use a argument resolver to get the authication principal from the security context and transform it from there.

    – Bart
    Nov 20 '18 at 11:39



















  • Why? Why not just create a single method and dispatch yourself?

    – M. Deinum
    Nov 20 '18 at 11:23











  • What kind of transformation are you talking about with what goal?

    – Bart
    Nov 20 '18 at 11:23











  • The @AuthenticationPrincipal is injected by Spring Security, but when you have different authentication mechanisms (cookie, token, etc) the Principal could be different. My rest API will be the same, though. If I could catch the different Principals and convert them to a generic one that my RestController could handle, I wouldn't have to duplicate my controller methods.

    – Dormouse
    Nov 20 '18 at 11:26











  • In my previous comment I misunderstood your comment. I would do what M. Deinum suggests. Transform the principal within the controller method and dispatch that generic principal to others.

    – Bart
    Nov 20 '18 at 11:27








  • 1





    You could ultimately use a argument resolver to get the authication principal from the security context and transform it from there.

    – Bart
    Nov 20 '18 at 11:39

















Why? Why not just create a single method and dispatch yourself?

– M. Deinum
Nov 20 '18 at 11:23





Why? Why not just create a single method and dispatch yourself?

– M. Deinum
Nov 20 '18 at 11:23













What kind of transformation are you talking about with what goal?

– Bart
Nov 20 '18 at 11:23





What kind of transformation are you talking about with what goal?

– Bart
Nov 20 '18 at 11:23













The @AuthenticationPrincipal is injected by Spring Security, but when you have different authentication mechanisms (cookie, token, etc) the Principal could be different. My rest API will be the same, though. If I could catch the different Principals and convert them to a generic one that my RestController could handle, I wouldn't have to duplicate my controller methods.

– Dormouse
Nov 20 '18 at 11:26





The @AuthenticationPrincipal is injected by Spring Security, but when you have different authentication mechanisms (cookie, token, etc) the Principal could be different. My rest API will be the same, though. If I could catch the different Principals and convert them to a generic one that my RestController could handle, I wouldn't have to duplicate my controller methods.

– Dormouse
Nov 20 '18 at 11:26













In my previous comment I misunderstood your comment. I would do what M. Deinum suggests. Transform the principal within the controller method and dispatch that generic principal to others.

– Bart
Nov 20 '18 at 11:27







In my previous comment I misunderstood your comment. I would do what M. Deinum suggests. Transform the principal within the controller method and dispatch that generic principal to others.

– Bart
Nov 20 '18 at 11:27






1




1





You could ultimately use a argument resolver to get the authication principal from the security context and transform it from there.

– Bart
Nov 20 '18 at 11:39





You could ultimately use a argument resolver to get the authication principal from the security context and transform it from there.

– Bart
Nov 20 '18 at 11:39












1 Answer
1






active

oldest

votes


















2














Too keep things simple and transparant you could simply transform the principal in your controller method and dispatch the generic principal from there. 



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithTransformedPrincipal(@AuthenticationPrincipal Principal principal) {

        GenericPrincipal generic = PrincipalTransformer.transform(principal);

        doSomethingWithPrincipal(generic);

    }

}





share|improve this answer
























  • Any chance of adding the argument resolver solution as an alternative?

    – Dormouse
    Nov 20 '18 at 15:20











  • I would rather not. Not because I'm unwilling. More because I think that it would distract from the more obvious and simple solution.

    – Bart
    Nov 21 '18 at 8:09











  • Right. Although that was the original question :)

    – Dormouse
    Nov 21 '18 at 8:51











Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53391811%2fspring-security-principal-transformation%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









2














Too keep things simple and transparant you could simply transform the principal in your controller method and dispatch the generic principal from there. 



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithTransformedPrincipal(@AuthenticationPrincipal Principal principal) {

        GenericPrincipal generic = PrincipalTransformer.transform(principal);

        doSomethingWithPrincipal(generic);

    }

}





share|improve this answer
























  • Any chance of adding the argument resolver solution as an alternative?

    – Dormouse
    Nov 20 '18 at 15:20











  • I would rather not. Not because I'm unwilling. More because I think that it would distract from the more obvious and simple solution.

    – Bart
    Nov 21 '18 at 8:09











  • Right. Although that was the original question :)

    – Dormouse
    Nov 21 '18 at 8:51
















2














Too keep things simple and transparant you could simply transform the principal in your controller method and dispatch the generic principal from there. 



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithTransformedPrincipal(@AuthenticationPrincipal Principal principal) {

        GenericPrincipal generic = PrincipalTransformer.transform(principal);

        doSomethingWithPrincipal(generic);

    }

}





share|improve this answer
























  • Any chance of adding the argument resolver solution as an alternative?

    – Dormouse
    Nov 20 '18 at 15:20











  • I would rather not. Not because I'm unwilling. More because I think that it would distract from the more obvious and simple solution.

    – Bart
    Nov 21 '18 at 8:09











  • Right. Although that was the original question :)

    – Dormouse
    Nov 21 '18 at 8:51














2












2








2







Too keep things simple and transparant you could simply transform the principal in your controller method and dispatch the generic principal from there. 



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithTransformedPrincipal(@AuthenticationPrincipal Principal principal) {

        GenericPrincipal generic = PrincipalTransformer.transform(principal);

        doSomethingWithPrincipal(generic);

    }

}





share|improve this answer













Too keep things simple and transparant you could simply transform the principal in your controller method and dispatch the generic principal from there. 



@RestController

public class MyController {

    @GetMapping("/test")

    public void getWithTransformedPrincipal(@AuthenticationPrincipal Principal principal) {

        GenericPrincipal generic = PrincipalTransformer.transform(principal);

        doSomethingWithPrincipal(generic);

    }

}






share|improve this answer












share|improve this answer



share|improve this answer










answered Nov 20 '18 at 11:35









BartBart

14.3k34372




14.3k34372













  • Any chance of adding the argument resolver solution as an alternative?

    – Dormouse
    Nov 20 '18 at 15:20











  • I would rather not. Not because I'm unwilling. More because I think that it would distract from the more obvious and simple solution.

    – Bart
    Nov 21 '18 at 8:09











  • Right. Although that was the original question :)

    – Dormouse
    Nov 21 '18 at 8:51



















  • Any chance of adding the argument resolver solution as an alternative?

    – Dormouse
    Nov 20 '18 at 15:20











  • I would rather not. Not because I'm unwilling. More because I think that it would distract from the more obvious and simple solution.

    – Bart
    Nov 21 '18 at 8:09











  • Right. Although that was the original question :)

    – Dormouse
    Nov 21 '18 at 8:51

















Any chance of adding the argument resolver solution as an alternative?

– Dormouse
Nov 20 '18 at 15:20





Any chance of adding the argument resolver solution as an alternative?

– Dormouse
Nov 20 '18 at 15:20













I would rather not. Not because I'm unwilling. More because I think that it would distract from the more obvious and simple solution.

– Bart
Nov 21 '18 at 8:09





I would rather not. Not because I'm unwilling. More because I think that it would distract from the more obvious and simple solution.

– Bart
Nov 21 '18 at 8:09













Right. Although that was the original question :)

– Dormouse
Nov 21 '18 at 8:51





Right. Although that was the original question :)

– Dormouse
Nov 21 '18 at 8:51




















draft saved

draft discarded




















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53391811%2fspring-security-principal-transformation%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

mysqli_query(): Empty query in /home/lucindabrummitt/public_html/blog/wp-includes/wp-db.php on line 1924

Image
0 I just uploaded a new plugin to my wordpress site and I got this warning: mysqli_query(): Empty query in /home/lucindabrummitt/public_html/blog/wp-includes/wp-db.php on line 1924 Usually if I have a problem, I can find answers on google but this one seems pretty particular and I'm not finding any info on it except for this forum. I'm not terribly techie but if someone can tell me how to read this and how to change it I can follow directions pretty well. Thanks All! PS If I don't have the proper tags here could someone add the appropriate tags? php mysql wordpress share | improve this question asked Nov 16 '18 at 20:41 ...
Read more

How to change which sound is reproduced for terminal bell?

Image
3 Recently upgrade to 18.10 from 18.04, and using the terminal is becoming annoying: the new alert sound is a drip ( /usr/share/sounds/gnome/default/alerts/drip.ogg ), and the previous one is still located at ( /usr/share/sounds/ubuntu/stereo/bell.ogg ). My issue is that at the gnome-terminal, when autocompleting or pressing left BOTH sounds are reproduced, at the same time. I want to just have ubuntu/stereo/bell.ogg active, not both . At the moment I have been only able to reduce the volume of the alerts (but still both are played), or turn the alerts down (but I dislike both "solutions"). gnome-terminal 18.10 teminal-bell share | improve this question ...
Read more

Can I use Tabulator js library in my java Spring + Thymeleaf project?

Image
0 I want to add Tabulator js to my java project. I added tabulator.min.js, tabulator.min.css to resources folder. After that added to my html page these dependencies as recommending in readme.md. <link rel="stylesheet" th:href="@{/css/tabulator.min.css}"> <script type="text/javascript" th:src="@{/js/tabulator.min.js}"></script> Now my tables view all elements, that I have in the html page, but not correct. In the documentation of Tabulator is example how to create header and table, var table = new Tabulator("#example-table", { columns:[ {title:"Name", field:"name", sorter:"string", width:200, editor:true}, {title:"Age", field:"age", sorter:"...
Read more