You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When executing GraphQL requests through websockets, the injected Principal is null. I tried with and without the introduced @AuthenticatedPrincipal annotation, but without a succesful result. Through the HTTP transport, the Principal is injected and everything works as expected.
To demonstrate the issue, I created a demo repo with a basic Spring Boot 2.7.0-m3 application.
To reproduce the issue for the websocket transport with websocat:
~ spring-graphql-principal$ websocat --basic-auth user:password ws://localhost:8080/graphql
**{"type":"connection_init"}**
{"id":null,"type":"connection_ack","payload":{}}
**{"id":"1","type":"subscribe","payload":{"query":"{ helloWorld }"}}**
{"id":"1","type":"next","payload":{"errors":[{"message":"Cannot invoke \"java.security.Principal.getName()\" because \"principal\" is null","locations":[{"line":1,"column":3}],"path":["helloWorld"],"extensions":{"classification":"INTERNAL_ERROR"}}],"data":{"helloWorld":null}}}
{"id":"1","type":"complete","payload":{}}
To see the result for the HTTP transport, use the following curl command:
Seems to be somewhat related to #268 . I tried to pinpoint where it goes wrong, but couldn't figure it out. My first guess would be that the ThreadLocal variables from e.g. the SecurityContext are not properly transferred to the thread handling the actual query.
The text was updated successfully, but these errors were encountered:
We do attempt to propagate per WebSocket message but the SecurityContext was established on a different thread during the handshake, so we need to bridge but it seems GraphQlWebSocketHandler alone is not sufficient because afterSessionEstablished is also not on the initial thread. We'll likely use a HandshakeInterceptor to capture the context during the handshake and save it in the WebSocketSession attributes, and that'll require a change in the Boot starter as well.
rstoyanchev
changed the title
Principal is null when executing requests through websockets
Principal is null when executing requests over WebSocket with Spring MVC
Apr 12, 2022
As a result of changes for
spring-projects/spring-graphql#342,
GraphQlWebSocketHandler now exposes a method to create the
WebSocketHttpRequestHandler, pre-configured with a context propagating
HandshakeInterceptor. This commit updates the autoconfig to use it.
As a result of changes for
spring-projects/spring-graphql#342,
GraphQlWebSocketHandler now exposes a method to create the
WebSocketHttpRequestHandler, pre-configured with a context propagating
HandshakeInterceptor. This commit updates the autoconfig to use it.
Closesgh-30641
When executing GraphQL requests through websockets, the injected Principal is
null
. I tried with and without the introduced@AuthenticatedPrincipal
annotation, but without a succesful result. Through the HTTP transport, the Principal is injected and everything works as expected.To demonstrate the issue, I created a demo repo with a basic Spring Boot 2.7.0-m3 application.
To reproduce the issue for the websocket transport with websocat:
To see the result for the HTTP transport, use the following curl command:
Seems to be somewhat related to #268 . I tried to pinpoint where it goes wrong, but couldn't figure it out. My first guess would be that the
ThreadLocal
variables from e.g. theSecurityContext
are not properly transferred to the thread handling the actual query.The text was updated successfully, but these errors were encountered: