AnsweredAssumed Answered

[RESOLVED] Spring authentication issue in 5.11

Question asked by aduarte on Jan 24, 2013
Latest reply on Jan 25, 2013 by aduarte
Hi everybody,

I have an application based on Spring Framework/Hibernate/Vaadin, split in differents layers (Repositories, Services, Views). I've secured my services methods with @PreAuthorize annotations.
I use activiti engine to automate some treatments : I design workflows with Activiti Designer Eclipse Plug-In with java service tasks and I call my application services inside to do some treatments.
An other thing to know is that I start activiti processes in a thread authenticated as admin (to avoid rights problems with secured services methods). This is how I do it :
public void run() {
      super.run();
      securityUtility.authenticateAs(Constants.ADMIN_USER, Constants.ADMIN_PASSWORD);
      
      RuntimeService runtimeService = processEngine.getRuntimeService();
      runtimeService.startProcessInstanceByKey(processId, variables);
   }

Here is my authenticateAs method :
public Authentication authenticateAs(String username, String password) {
      ProviderManager providerManager = (ProviderManager)applicationContext.getBean("authenticationManager");
      Authentication authentication = providerManager.authenticate(new UsernamePasswordAuthenticationToken(username, password));
      SecurityContextHolder.getContext().setAuthentication(authentication);
      return authentication;
   }

It has always worked very well and did everything I wanted until I upgraded to 5.11.

Now I got some securities exceptions when the activiti service task try to call my secure service method :
org.springframework.security.authentication.AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext

The strange thing is that some service tasks are working and some others not (for example the first one and the second are working but not the third). It looks like I lost the authentication during the workflow.

Does someone know a change related to that in 5.11?

Outcomes