[
https://issues.apache.org/jira/browse/CXF-5803?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14032495#comment-14032495
]
Sergey Beryozkin commented on CXF-5803:
---------------------------------------
Hi Andrei
How about updating ThreadLocalInvocationHandler, something like that:
{code:java}
public Object invoke(Object proxy, Method m, Object[] args) throws Throwable {
Object target = null;
if (m.getDeclaringClass() == ThreadLocalProxy.class) {
target = this;
} else {
target = get();
if (target == null) {
// or IllegalStateException, NPE seems a bit closer though to
what the user would otherwise see
Class<?> contextCls = m.getDeclaringClass();
throw new NullPointerException(contextCls.getName() + " context
has not been injected");
// also possibly check if it is a non-standard context class,
if so - add a text like
// "Make sure ContextProvider supporting " +
contextCls.getName() + " has been registered";
}
}
return m.invoke(target, args);
}
{code}
This would make it clear enough, the stack trace would still be originating
from the proxy but the message would still be clear.
Thanks, Sergey
> Injection of SecurityContext
> ----------------------------
>
> Key: CXF-5803
> URL: https://issues.apache.org/jira/browse/CXF-5803
> Project: CXF
> Issue Type: Improvement
> Components: JAX-RS
> Affects Versions: 2.7.11
> Reporter: Andrei Shakirin
> Assignee: Andrei Shakirin
>
> Currently two different SecurityContext interfaces are available in CXF:
> a) standard java: javax.ws.rs.core.SecurityContext
> b) internal CXF: org.apache.cxf.security.SecurityContext
> Context injection using @Context annotation works only for standard one. If
> user purposely or deliberately tries to inject internal CXF SecurityContext,
> access to it caused not very informative NLP:
> {code}
> Caused by: java.lang.NullPointerException
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
> org.apache.cxf.jaxrs.impl.tl.ThreadLocalInvocationHandler.invoke(ThreadLocalInvocationHandler.java:36)
> at com.sun.proxy.$Proxy5.getUserPrincipal(Unknown Source)
> at
> demo.rs.security.SimpleCustomerService.getCustomer(SimpleCustomerService.java:26)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
> org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:181)
> at
> org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:97)
> ... 26 more
> {code}
> I would propose either to support injections of both contexts or provide more
> clear error message.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
