-
Notifications
You must be signed in to change notification settings - Fork 126
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Request body is not present in SecurityRule
#689
Comments
I found this PR which explains the change of behavior: micronaut-projects/micronaut-core#5261. Now I understand that the absence of body in filters is intentional, therefore it won't be present in security rules as they are executed in the Alternatively to security rules, AOP Around Advice could be a way of handling the case described in this issue as suggested by this comment: #649 (comment). Thanks. |
Yes, the absence of body in filters is intentional. |
Yes, I am going to write a documentation snippet. We should have clarified this. |
I am closing this issue. I have added a documentation snippet which explains that you cannot read HTTP Body from a |
Task List
Steps to Reproduce
PetControllerTest
, which performs a request to an endpoint secured with aCustomSecurityRule
.CustomSecurityRule
throws an exception because it expects the request body to be present (but it's not).Expected Behaviour
The request body should be populated by the time the security rule is processed.
Actual Behaviour
The request body is not populated by the time the security rule is processed.
I have a custom
SecurityRule
which reads data from the request body. However, when upgrading the app to Micronaut 2.5.6, I've realized that the body is not present in therequest
by the time the security rule is executed.Apparently, this is happening since Micronaut 2.5.0.
Environment Information
Example Application
The text was updated successfully, but these errors were encountered: