error upon accessing BibSonomy for logged in users after rename
Issue #2477
open
When a user account is renamed and the user is still logged in, an error is thrown when the user tries to access BibSonomy:
Caused by: org.springframework.security.core.userdetails.UsernameNotFoundException: user with name TEST not found
at org.bibsonomy.webapp.util.spring.security.userdetailsservice.DatabaseUserDetailsService.getUserFromDatabase(DatabaseUserDetailsService.java:67)
at org.bibsonomy.webapp.util.spring.security.userdetailsservice.DatabaseUserDetailsService.loadUserByUsername(DatabaseUserDetailsService.java:55)
at org.bibsonomy.webapp.util.spring.security.UsernameSecurityContextRepository.loadContext(UsernameSecurityContextRepository.java:90)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:82)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.bibsonomy.webapp.util.spring.filter.DummyFilter.doFilter(DummyFilter.java:51)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.bibsonomy.webapp.filters.ContentNegotiationFilter.doFilter(ContentNegotiationFilter.java:175)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.bibsonomy.webapp.filters.ContextPathFilter.doFilter(ContextPathFilter.java:270)
We need to find a way to avoid this situation.
The reason is basically, that the users' session still contains the old user name. We need to update the user name in the session as well.
Comments (3)
-
reporter -
- changed status to open
-
- removed responsible
- Log in to comment
We need to tell Spring Security, that the credentials for that user have changed. Cf. user activation where this also happens (https://bitbucket.org/bibsonomy/bibsonomy/src/ed17782e99fb58f8e42373aee6f94670767db552/bibsonomy-webapp/src/main/java/org/bibsonomy/webapp/controller/actions/UserActivationController.java?at=default#cl-164)