Bug #23920
closed
Lift Async system is not able to find spring SecurityContextHolder
Description
In https://github.com/Normation/rudder/pull/5229 I changed the way that CurrentUser was computed and stored in session because it lead to error in several page.
At the time, I supposed it was due to the session fixation prevention process built in spring security, and that lift was trying to use the old (destroyed) session in place of the new one in some context.
That first correction helped, but we still have a problem: in the context of async requests (at least when using lazy-load which uses under the hood AsyncRenderComet.asyncRender), SecurityContextHolder is lost.
I suppose it have to do with the way the session snapshot is done, and perhaps of a similar cause than previously (session moved in the async context?)
Updated by François ARMAND 5 months ago
- Status changed from In progress to Pending technical review
- Assignee changed from François ARMAND to Vincent MEMBRÉ
- Pull Request set to https://github.com/Normation/rudder/pull/5267
Updated by Anonymous 5 months ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder|015f51a8d1b76872edfa4dc3c4d8238efbc0da7d.
Updated by François ARMAND 4 months ago
- Related to Bug #5229: ncf-api needs to adjust permissions on .git added
Updated by François ARMAND 4 months ago
- Related to deleted (Bug #5229: ncf-api needs to adjust permissions on .git )
Updated by François ARMAND 4 months ago
- Related to Architecture #23797: Backend evolution for node RBAC: add tenants domain concept added
Updated by François ARMAND 4 months ago
- Related to Bug #24017: Webapp can fail to start with null sessionid error added
Updated by François ARMAND 3 months ago
- Related to Bug #24117: Missing policy generation status added
Updated by Vincent MEMBRÉ about 1 month ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 8.1.0~alpha1 which was released today.